npm package
pg-promise
pkg:npm/pg-promise
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-29744 | Med | 5.4 | < 11.5.5 | 11.5.5 | Jun 12, 2025 | pg-promise before 11.5.5 is vulnerable to SQL Injection due to improper handling of negative numbers. |
- affected < 11.5.5fixed 11.5.5
pg-promise before 11.5.5 is vulnerable to SQL Injection due to improper handling of negative numbers.