Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    2 vulnerabilities by pygresql

    CVE-2009-2940 (GCVE-0-2009-2940)

    Vulnerability from nvd – Published: 2009-10-22 16:00 – Updated: 2024-08-07 06:07
    VLAI
    Summary
    The pygresql module 3.8.1 and 4.0 for Python does not properly support the PQescapeStringConn function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/37046 third-party-advisoryx_refsource_SECUNIA
    http://www.debian.org/security/2009/dsa-1911 vendor-advisoryx_refsource_DEBIAN
    http://www.osvdb.org/59028 vdb-entryx_refsource_OSVDB
    http://ubuntu.com/usn/usn-870-1 vendor-advisoryx_refsource_UBUNTU
    http://secunia.com/advisories/37654 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2009-10-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:07:37.303Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "37046",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37046"
              },
              {
                "name": "DSA-1911",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2009/dsa-1911"
              },
              {
                "name": "59028",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/59028"
              },
              {
                "name": "USN-870-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://ubuntu.com/usn/usn-870-1"
              },
              {
                "name": "37654",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37654"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-10-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The pygresql module 3.8.1 and 4.0 for Python does not properly support the PQescapeStringConn function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-12-17T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "37046",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37046"
            },
            {
              "name": "DSA-1911",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2009/dsa-1911"
            },
            {
              "name": "59028",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/59028"
            },
            {
              "name": "USN-870-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://ubuntu.com/usn/usn-870-1"
            },
            {
              "name": "37654",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37654"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-2940",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The pygresql module 3.8.1 and 4.0 for Python does not properly support the PQescapeStringConn function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "37046",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/37046"
                },
                {
                  "name": "DSA-1911",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2009/dsa-1911"
                },
                {
                  "name": "59028",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/59028"
                },
                {
                  "name": "USN-870-1",
                  "refsource": "UBUNTU",
                  "url": "http://ubuntu.com/usn/usn-870-1"
                },
                {
                  "name": "37654",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/37654"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-2940",
        "datePublished": "2009-10-22T16:00:00.000Z",
        "dateReserved": "2009-08-23T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:07:37.303Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-2940 (GCVE-0-2009-2940)

    Vulnerability from cvelistv5 – Published: 2009-10-22 16:00 – Updated: 2024-08-07 06:07
    VLAI
    Summary
    The pygresql module 3.8.1 and 4.0 for Python does not properly support the PQescapeStringConn function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/37046 third-party-advisoryx_refsource_SECUNIA
    http://www.debian.org/security/2009/dsa-1911 vendor-advisoryx_refsource_DEBIAN
    http://www.osvdb.org/59028 vdb-entryx_refsource_OSVDB
    http://ubuntu.com/usn/usn-870-1 vendor-advisoryx_refsource_UBUNTU
    http://secunia.com/advisories/37654 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2009-10-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:07:37.303Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "37046",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37046"
              },
              {
                "name": "DSA-1911",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2009/dsa-1911"
              },
              {
                "name": "59028",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/59028"
              },
              {
                "name": "USN-870-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://ubuntu.com/usn/usn-870-1"
              },
              {
                "name": "37654",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37654"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-10-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The pygresql module 3.8.1 and 4.0 for Python does not properly support the PQescapeStringConn function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-12-17T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "37046",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37046"
            },
            {
              "name": "DSA-1911",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2009/dsa-1911"
            },
            {
              "name": "59028",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/59028"
            },
            {
              "name": "USN-870-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://ubuntu.com/usn/usn-870-1"
            },
            {
              "name": "37654",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37654"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-2940",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The pygresql module 3.8.1 and 4.0 for Python does not properly support the PQescapeStringConn function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "37046",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/37046"
                },
                {
                  "name": "DSA-1911",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2009/dsa-1911"
                },
                {
                  "name": "59028",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/59028"
                },
                {
                  "name": "USN-870-1",
                  "refsource": "UBUNTU",
                  "url": "http://ubuntu.com/usn/usn-870-1"
                },
                {
                  "name": "37654",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/37654"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-2940",
        "datePublished": "2009-10-22T16:00:00.000Z",
        "dateReserved": "2009-08-23T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:07:37.303Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }