The postgresql-ocaml bindings 1.5.4, 1.7.0, and 1.12.1 for PostgreSQL libpq do not properly support the PQescapeStringConn function, which might allow remote malicious users to leverage escaping issues involving multibyte character encodings.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ocaml postgresql-ocaml 1.12.1 |
||
ocaml postgresql-ocaml 1.5.4 |
||
ocaml postgresql-ocaml 1.7.0 |