VYPR

Go modules package

github.com/jackc/pgproto3/v2

pkg:golang/github.com/jackc/pgproto3/v2

Vulnerabilities (1)

  • CVE-2026-32286HigMar 26, 2026
    affected >= 2.0.0, <= 2.3.3

    The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic.