GO-2026-4518
ADVISORY - golangSummary
The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic.
Common Weakness Enumeration (CWE)
GoLang
CREATED
UPDATED
ADVISORY IDGO-2026-4518
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-