7.5
CVE-2009-2943
- EPSS 2.21%
- Veröffentlicht 22.10.2009 16:30:00
- Zuletzt bearbeitet 16.06.2026 23:10:32
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The postgresql-ocaml bindings 1.5.4, 1.7.0, and 1.12.1 for PostgreSQL libpq do not properly support the PQescapeStringConn function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ocaml ≫ Postgresql-ocaml Version1.5.4
Ocaml ≫ Postgresql-ocaml Version1.7.0
Ocaml ≫ Postgresql-ocaml Version1.12.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.21% | 0.803 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://secunia.com/advisories/37048
http://www.debian.org/security/2009/dsa-1909
http://www.osvdb.org/59029