Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:pypi/pygresql@4.0
purl pkg:pypi/pygresql@4.0
Next non-vulnerable version 4.1
Latest non-vulnerable version 4.1
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-z5df-1r9g-n7dz
Aliases:
CVE-2009-2940
GHSA-xv6x-43gq-4hfj
PyGreSQL Might Be Vulnerable to Encoding-Based SQL Injection The pygresql module 3.8.1 and 4.0 for Python does not properly support the PQescapeStringConn function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings.
4.1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T21:46:18.838610+00:00 GitLab Importer Affected by VCID-z5df-1r9g-n7dz https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/PyGreSQL/CVE-2009-2940.yml 38.4.0
2026-04-11T23:02:04.319911+00:00 GitLab Importer Affected by VCID-z5df-1r9g-n7dz https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/PyGreSQL/CVE-2009-2940.yml 38.3.0
2026-04-02T23:10:32.206545+00:00 GitLab Importer Affected by VCID-z5df-1r9g-n7dz https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/PyGreSQL/CVE-2009-2940.yml 38.1.0
2026-04-01T16:00:38.403635+00:00 GHSA Importer Affected by VCID-z5df-1r9g-n7dz https://github.com/advisories/GHSA-xv6x-43gq-4hfj 38.0.0
2026-04-01T13:10:59.964278+00:00 GithubOSV Importer Affected by VCID-z5df-1r9g-n7dz https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-xv6x-43gq-4hfj/GHSA-xv6x-43gq-4hfj.json 38.0.0
2026-04-01T12:50:00.257691+00:00 GitLab Importer Affected by VCID-z5df-1r9g-n7dz https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/PyGreSQL/CVE-2009-2940.yml 38.0.0