Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2025-61385
CVE-2025-61385
SQL injection vulnerability in tlocke pg8000 1.31.4 allows remote attackers to execute arbitrary SQL commands via a specially crafted Python list input to function pg8000.native.literal.
Published Oct 28, 2025
https://github.com/advisories/GHSA-wq2g-r956-j8cc
CVSS Score
Critical
9.3
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
pypi
pg8000
1.30.3
pypi
pg8000
1.30.4
pypi
pg8000
1.30.5
pypi
pg8000
1.31.0
pypi
pg8000
1.31.1
pypi
pg8000
1.31.2
pypi
pg8000
1.31.3
pypi
pg8000
1.31.4
1-8 of 8
CVE-2025-61385 | Components Impacted | Sonatype Guide | Sonatype Guide
