CVE advisoryCRITICAL
CVE-2024-27304
Attacker can steal data or control systems using a large PostgreSQL query
Halo Surface Signal: 2 out of 5 — less likely to be public-facing.
A critical flaw in the pgx PostgreSQL driver for Go could let attackers steal or change your data by sending a massive, specially crafted database command. Update your Go applications using pgx immediately.