High severity7.3NVD Advisory· Published Aug 26, 2019· Updated Jun 17, 2026
CVE-2019-15658
CVE-2019-15658
Description
connect-pg-simple before 6.0.1 allows SQL injection if tableName or schemaName is untrusted data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
connect-pg-simplenpm | < 6.0.1 | 6.0.1 |
Affected products
2- connect-pg-simple/connect-pg-simpledescription
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-xqh8-5j36-4556ghsaADVISORY
- github.com/voxpelli/node-connect-pg-simple/security/advisories/GHSA-xqh8-5j36-4556nvdThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2019-15658ghsaADVISORY
- snyk.io/vuln/SNYK-JS-CONNECTPGSIMPLE-460154ghsaWEB
- www.npmjs.com/advisories/1153ghsaWEB
News mentions
0No linked articles in our index yet.