FKIE_CVE-2024-27289

Vulnerability from fkie_nvd - Published: 2024-03-06 19:15 - Updated: 2025-12-04 18:34
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
pgx is a PostgreSQL driver and toolkit for Go. Prior to version 4.18.2, SQL injection can occur when all of the following conditions are met: the non-default simple protocol is used; a placeholder for a numeric value must be immediately preceded by a minus; there must be a second placeholder for a string value after the first placeholder; both must be on the same line; and both parameter values must be user-controlled. The problem is resolved in v4.18.2. As a workaround, do not use the simple protocol or do not place a minus directly before a placeholder.
References
security-advisories@github.comhttps://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81dfPatch
security-advisories@github.comhttps://github.com/jackc/pgx/security/advisories/GHSA-m7wr-2xf7-cm9pVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81dfPatch
af854a3a-2127-422b-91ae-364da2661108https://github.com/jackc/pgx/security/advisories/GHSA-m7wr-2xf7-cm9pVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.sonarsource.com/blog/double-dash-double-trouble-a-subtle-sql-injection-flaw/Third Party Advisory
Impacted products
Vendor Product Version
sgx_project sgx *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sgx_project:sgx:*:*:*:*:*:go:*:*",
              "matchCriteriaId": "D5E5CC69-184A-457B-B116-16794C8C2449",
              "versionEndExcluding": "4.18.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "pgx is a PostgreSQL driver and toolkit for Go. Prior to version 4.18.2, SQL injection can occur when all of the following conditions are met: the non-default simple protocol is used; a placeholder for a numeric value must be immediately preceded by a minus; there must be a second placeholder for a string value after the first placeholder; both must be on the same line; and both parameter values must be user-controlled. The problem is resolved in v4.18.2. As a workaround, do not use the simple protocol or do not place a minus directly before a placeholder.\n"
    },
    {
      "lang": "es",
      "value": "pgx es un controlador PostgreSQL y un conjunto de herramientas para Go. Antes de la versi\u00f3n 4.18.2, la inyecci\u00f3n SQL puede ocurrir cuando se cumplen todas las condiciones siguientes: se utiliza el protocolo simple no predeterminado; un marcador de posici\u00f3n para un valor num\u00e9rico debe ir precedido inmediatamente de un signo menos; debe haber un segundo marcador de posici\u00f3n para un valor de cadena despu\u00e9s del primer marcador de posici\u00f3n; ambos deben estar en la misma l\u00ednea; y ambos valores de par\u00e1metros deben ser controlados por el usuario. El problema se resuelve en v4.18.2. Como soluci\u00f3n alternativa, no utilice el protocolo simple ni coloque un signo menos directamente antes de un marcador de posici\u00f3n."
    }
  ],
  "id": "CVE-2024-27289",
  "lastModified": "2025-12-04T18:34:38.180",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.9,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-03-06T19:15:08.140",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/jackc/pgx/security/advisories/GHSA-m7wr-2xf7-cm9p"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/jackc/pgx/security/advisories/GHSA-m7wr-2xf7-cm9p"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.sonarsource.com/blog/double-dash-double-trouble-a-subtle-sql-injection-flaw/"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Undergoing Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.