VYPR

npm package

pg

pkg:npm/pg

Vulnerabilities (1)

  • CVE-2017-16082CriJun 7, 2018
    affected < 2.11.2fixed 2.11.2

    A remote code execution vulnerability was found within the pg module when the remote database or query specifies a specially crafted column name. There are 2 likely scenarios in which one would likely be vulnerable. 1) Executing unsafe, user-supplied sql which contains a maliciou