Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-J32J-2HXV-RQF7
HistoryJun 18, 2022 - 12:00 a.m.

pg-native and libpq vulnerable to uncontrolled resource consumption

2022-06-1800:00:20
Google
osv.dev
67
pg-native
libpq
resource consumption
vulnerability
denial of service
npm's libpq

EPSS

0.001

Percentile

31.9%

JSON

pg-native before 3.0.1 and libpq before 1.8.10 are vulnerable to Denial of Service (DoS) when the addons attempt to cast the second argument to an array and fail. This happens for every non-array argument passed. Note: pg-native is a mere binding to npm’s libpq library, which in turn has the addons and bindings to the actual C libpq library. This means that problems found in pg-native may transitively impact npm’s libpq.

Related

nvd 1
prion 1
cve 1
cvelist 1
github 1
nvd
nvd
CVE-2022-25852
2022-06-17 20:15:10
prion
prion
Design/Logic Flaw
2022-06-17 20:15:00
cve
cve
CVE-2022-25852
2022-06-17 20:15:10
cvelist
cvelist
CVE-2022-25852 Denial of Service (DoS)
2022-06-17 20:05:29
github
github
pg-native and libpq vulnerable to uncontrolled resource consumption
2022-06-18 00:00:20

EPSS

0.001

Percentile

31.9%

JSON
Related for OSV:GHSA-J32J-2HXV-RQF7
nvd1prion1cve1cvelist1github1