Closed GoVulnBot closed 1 week ago
Advisory GHSA-fqpg-rq76-99pq references a vulnerability in the following Go modules:
Description: Pipeline can panic when PgConn is busy or closed.
References:
Cross references:
See doc/triage.md for instructions on how to triage this report.
id: GO-ID-PENDING modules: - module: github.com/jackc/pgx vulnerable_at: 3.6.2+incompatible - module: github.com/jackc/pgx/v4 vulnerable_at: 4.18.3 - module: github.com/jackc/pgx/v5 versions: - fixed: 5.5.2 vulnerable_at: 5.5.1 summary: Panic in Pipeline when PgConn is busy or closed in github.com/jackc/pgx ghsas: - GHSA-fqpg-rq76-99pq references: - advisory: https://github.com/advisories/GHSA-fqpg-rq76-99pq - fix: https://github.com/jackc/pgx/commit/dfd198003a03dbb96e4607b0d3a0bb9a7398ccb7 source: id: GHSA-fqpg-rq76-99pq created: 2024-07-05T21:01:13.951638683Z review_status: UNREVIEWED
GHSA for https://github.com/golang/vulndb/issues/2567
Change https://go.dev/cl/597156 mentions this issue: data/reports: update 2 reports
data/reports: update 2 reports
Advisory GHSA-fqpg-rq76-99pq references a vulnerability in the following Go modules:
Description: Pipeline can panic when PgConn is busy or closed.
References:
Cross references:
See doc/triage.md for instructions on how to triage this report.