SQL Injection in Elixir-ecto Postgrex
CVE-2026-58225
SQL Injection vulnerability in elixir-ecto postgrex allows an attacker who can influence a LISTEN channel name to inject SQL into the reconnect replay query, causing a denial of service of the notification connection. Postgrex.Notificatio…
Vulnerability class: SQL Injection
Affected products
- Elixir-ecto Postgrex — versions 0.16.0, 266b530faf9bde094e31e0e4ab851f933fadc0f5
Weakness classification (CWE)
References
- 6b3ad84c-e1a6-4bf7-a703-f496b71e49db (related)
- 6b3ad84c-e1a6-4bf7-a703-f496b71e49db (related, vendor-advisory)
- 6b3ad84c-e1a6-4bf7-a703-f496b71e49db (patch)
- 6b3ad84c-e1a6-4bf7-a703-f496b71e49db (related)