cve 2024 27289

A subtle bug in a widely used Go PostgreSQL driver has opened the door to SQL injection under a narrow—but realistic—set of conditions, and the fix requires immediate attention from any team that embeds the pgx library. The vulnerability, tracked as CVE-2024-27289, allows user-controlled input...