Connect Pg Simple
1 CVEs
product
Monthly
connect-pg-simple before 6.0.1 allows SQL injection if tableName or schemaName is untrusted data. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
SQLi
Connect Pg Simple
NVD
GitHub
CVSS 3.0
7.3
EPSS
1.0%
CVE-2019-15658
npm
EPSS 1%
CVSS 7.3
HIGH
PATCH
This Week
connect-pg-simple before 6.0.1 allows SQL injection if tableName or schemaName is untrusted data. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
SQLi
Connect Pg Simple
NVD
GitHub