{"uuid": "b1379d1c-fd92-4f17-b52e-a36740c57275", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2015-0244", "type": "published-proof-of-concept", "source": "https://t.me/cveNotify/452", "content": "\ud83d\udea8 CVE-2015-0244\nPostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct SQL injection attacks via crafted binary data in a parameter and causing an error, which triggers the loss of synchronization and part of the protocol message to be treated as a new message, as demonstrated by causing a timeout or query cancellation.\n\n\ud83c\udf96@cveNotify", "creation_timestamp": "2020-01-27T21:37:45.000000Z"}