VYPR
High severity8.5NVD Advisory· Published Aug 9, 2018· Updated Jun 17, 2026

CVE-2018-10915

CVE-2018-10915

Description

A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction. Postgresql versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 are affected.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

42

Patches

Vulnerability mechanics

References

17

News mentions

0

No linked articles in our index yet.