Unrated severityNVD Advisory· Published Oct 22, 2009· Updated Apr 23, 2026

CVE-2009-2943

Description

The postgresql-ocaml bindings 1.5.4, 1.7.0, and 1.12.1 for PostgreSQL libpq do not properly support the PQescapeStringConn function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings.

Affected products

Ocaml/Postgresql Ocaml3 versions
cpe:2.3:a:ocaml:postgresql-ocaml:1.12.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:ocaml:postgresql-ocaml:1.12.1:*:*:*:*:*:*:*
- cpe:2.3:a:ocaml:postgresql-ocaml:1.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:ocaml:postgresql-ocaml:1.7.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.debian.org/security/2009/dsa-1909nvdPatch
secunia.com/advisories/37048nvdVendor Advisory
www.osvdb.org/59029nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000