Description
libnss-pgsql in nss-pgsql 0.9.0 and earlier allows remote attackers to execute arbitrary SQL queries by inserting SQL code into an HTTP request.
Affected products
- alessandro_gardich / nss_postgresql0.6.1 – 0.6.1
- joerg_wendland / libnss-pgsql0.9.0 – 0.9.0