The pygresql module 3.8.1 and 4.0 for Python does not properly support the PQescapeStringConn function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-10-22T16:00:00

Updated: 2024-08-07T06:07:37.303Z

Reserved: 2009-08-23T00:00:00

Link: CVE-2009-2940

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2009-10-22T16:30:00.250

Modified: 2024-11-21T01:06:06.780

Link: CVE-2009-2940

cve-icon Redhat

Severity : Moderate

Publid Date: 2009-10-14T00:00:00Z

Links: CVE-2009-2940 - Bugzilla