An integer overflow in the calculated message size of a Query or Bind message could allow a single large message to be sent as multiple messages under the attacker's control. This could lead to SQL injection if an attacker can cause a single Query or Bind message to exceed 4 GB in size.
{ "review_status": "REVIEWED", "url": "https://pkg.go.dev/vuln/GO-2024-2606" }
{ "imports": [ { "path": "github.com/jackc/pgproto3/v2", "symbols": [ "AuthenticationCleartextPassword.Encode", "AuthenticationGSS.Encode", "AuthenticationGSSContinue.Encode", "AuthenticationMD5Password.Encode", "AuthenticationOk.Encode", "AuthenticationSASL.Encode", "AuthenticationSASLContinue.Encode", "AuthenticationSASLFinal.Encode", "Backend.Send", "BackendKeyData.Encode", "Bind.Encode", "BindComplete.Encode", "CancelRequest.Encode", "Close.Encode", "CloseComplete.Encode", "CommandComplete.Encode", "CopyBothResponse.Encode", "CopyData.Encode", "CopyDone.Encode", "CopyFail.Encode", "CopyInResponse.Encode", "CopyOutResponse.Encode", "DataRow.Encode", "Describe.Encode", "EmptyQueryResponse.Encode", "ErrorResponse.Encode", "ErrorResponse.marshalBinary", "Execute.Encode", "Flush.Encode", "Frontend.Send", "FunctionCall.Encode", "FunctionCallResponse.Encode", "GSSEncRequest.Encode", "GSSResponse.Encode", "NoData.Encode", "NoticeResponse.Encode", "NotificationResponse.Encode", "ParameterDescription.Encode", "ParameterStatus.Encode", "Parse.Encode", "ParseComplete.Encode", "PasswordMessage.Encode", "PortalSuspended.Encode", "Query.Encode", "ReadyForQuery.Encode", "RowDescription.Encode", "SASLInitialResponse.Encode", "SASLResponse.Encode", "SSLRequest.Encode", "StartupMessage.Encode", "Sync.Encode", "Terminate.Encode" ] }, { "path": "github.com/jackc/pgproto3/v2/example/pgfortune", "symbols": [ "PgFortuneBackend.Run", "PgFortuneBackend.handleStartup", "main" ] } ] }
{ "imports": [ { "path": "github.com/jackc/pgx/v5/internal/sanitize", "symbols": [ "Query.Sanitize", "SanitizeSQL" ] }, { "path": "github.com/jackc/pgx/v5/pgproto3", "symbols": [ "AuthenticationCleartextPassword.Encode", "AuthenticationGSS.Encode", "AuthenticationGSSContinue.Encode", "AuthenticationMD5Password.Encode", "AuthenticationOk.Encode", "AuthenticationSASL.Encode", "AuthenticationSASLContinue.Encode", "AuthenticationSASLFinal.Encode", "Backend.Flush", "Backend.Send", "BackendKeyData.Encode", "Bind.Encode", "BindComplete.Encode", "CancelRequest.Encode", "Close.Encode", "CloseComplete.Encode", "CommandComplete.Encode", "CopyBothResponse.Encode", "CopyData.Encode", "CopyDone.Encode", "CopyFail.Encode", "CopyInResponse.Encode", "CopyOutResponse.Encode", "DataRow.Encode", "Describe.Encode", "EmptyQueryResponse.Encode", "ErrorResponse.Encode", "ErrorResponse.marshalBinary", "Execute.Encode", "Flush.Encode", "Frontend.Flush", "Frontend.Send", "Frontend.SendBind", "Frontend.SendClose", "Frontend.SendDescribe", "Frontend.SendExecute", "Frontend.SendParse", "Frontend.SendQuery", "Frontend.SendSync", "Frontend.SendUnbufferedEncodedCopyData", "FunctionCall.Encode", "FunctionCallResponse.Encode", "GSSEncRequest.Encode", "GSSResponse.Encode", "NoData.Encode", "NoticeResponse.Encode", "NotificationResponse.Encode", "ParameterDescription.Encode", "ParameterStatus.Encode", "Parse.Encode", "ParseComplete.Encode", "PasswordMessage.Encode", "PortalSuspended.Encode", "Query.Encode", "ReadyForQuery.Encode", "RowDescription.Encode", "SASLInitialResponse.Encode", "SASLResponse.Encode", "SSLRequest.Encode", "StartupMessage.Encode", "Sync.Encode", "Terminate.Encode" ] }, { "path": "github.com/jackc/pgx/v5/pgconn", "symbols": [ "Batch.ExecParams", "Batch.ExecPrepared", "Connect", "ConnectConfig", "ConnectWithOptions", "MultiResultReader.Close", "MultiResultReader.NextResult", "MultiResultReader.ReadAll", "PgConn.CheckConn", "PgConn.Close", "PgConn.CopyFrom", "PgConn.CopyTo", 
"PgConn.Deallocate", "PgConn.Exec", "PgConn.ExecBatch", "PgConn.ExecParams", "PgConn.ExecPrepared", "PgConn.Ping", "PgConn.Prepare", "PgConn.ReceiveMessage", "PgConn.SyncConn", "PgConn.WaitForNotification", "Pipeline.Close", "Pipeline.Flush", "Pipeline.GetResults", "Pipeline.SendDeallocate", "Pipeline.SendPrepare", "Pipeline.SendQueryParams", "Pipeline.SendQueryPrepared", "Pipeline.Sync", "ResultReader.Close", "ResultReader.NextRow", "ResultReader.Read", "ValidateConnectTargetSessionAttrsPreferStandby", "ValidateConnectTargetSessionAttrsPrimary", "ValidateConnectTargetSessionAttrsReadOnly", "ValidateConnectTargetSessionAttrsReadWrite", "ValidateConnectTargetSessionAttrsStandby" ] }, { "path": "github.com/jackc/pgx/v5/pgproto3/example/pgfortune", "symbols": [ "PgFortuneBackend.Run", "PgFortuneBackend.handleStartup", "main" ] } ] }