postgrex
Hex2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting postgrexpage 1 of 1
- CVE-2026-32687HIGHCVSS 7.5EG 7.5✓ Fixed in 0.22.22026-05-12
vulnerable: 0.16.0 ... 0.22.1 (22 versions)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in elixir-ecto postgrex ('Elixir.Postgrex.Notifications' module) allows SQL Injection. The channel argument passed to 'Elixir.Postgrex.Noti…
- CVE-2026-58225LOWCVSS 2.1EG 2.1✓ Fixed in 0.22.32026-07-10
vulnerable: 0.16.0 ... 0.22.2 (23 versions)
SQL Injection vulnerability in elixir-ecto postgrex allows an attacker who can influence a LISTEN channel name to inject SQL into the reconnect replay query, causing a denial of service of the notification connection. Postgrex.Notificatio…
Check whether postgrex is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for postgrex CVEs against the assets you own.
Start Free Scan →