VYPR

Go modules package

github.com/jackc/pgx/v5

pkg:golang/github.com/jackc/pgx/v5

Vulnerabilities (3)

  • CVE-2026-41889CriMay 8, 2026
    affected < 5.9.2fixed 5.9.2

    pgx is a PostgreSQL driver and toolkit for Go. Prior to version 5.9.2, SQL injection can occur when the non-default simple protocol is used, a dollar quoted string literal is used in the SQL query, that string literal contains text that would be would be interpreted as a placehol

  • CVE-2026-33816CriApr 7, 2026
    affected < 5.9.0fixed 5.9.0

    Memory-safety vulnerability in github.com/jackc/pgx/v5.

  • CVE-2024-27304CriMar 6, 2024
    affected >= 5.0.0, < 5.5.4fixed 5.5.4

    pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the atta