CVE-2026-4427

Опубликовано: 19 мар. 2026

Источник: ubuntu

Приоритет: medium

Описание

Rejected reason: Duplicate of CVE-2026-32286

Релиз	Статус	Примечание
devel	not-affected
esm-apps/noble	not-affected
jammy	DNE
noble	not-affected
questing	not-affected
upstream	needs-triage

Показывать по

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2026-4427
https://github.com/jackc/pgx/issues/2507
https://access.redhat.com/security/cve/CVE-2026-4427
https://bugzilla.redhat.com/show_bug.cgi?id=2448626
https://github.com/golang/vulndb/issues/4518
https://github.com/jackc/pgproto3
https://securityinfinity.com/research/memory-safety-vulnerabilities-in-go-postgresql-wire-protocol-parsers-pgproto3-pgx

Связанные уязвимости

CVE-2026-4427

CVSS3: 7.5

redhat

23 дня назад

A flaw was found in pgproto3. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message with a negative field length. This input validation vulnerability can lead to a denial of service (DoS) due to a slice bounds out of range panic.

CVE-2026-4427

nvd

21 день назад

Rejected reason: Duplicate of CVE-2026-32286

GHSA-x6gf-mpr2-68h6

CVSS3: 7.5

github

21 день назад

Duplicate Advisory: pgproto3: Negative field length panics in DataRow.Decode

CVE-2026-4427

Описание

Пакет golang-github-jackc-pgproto3

Ссылки на источники

Связанные уязвимости