CVE-2026-4427 - Vulnerability Details

CVE-2026-4427 - Github.com/jackc/pgproto3: pgproto3: denial of service via negative field length in datarow message

A flaw was found in pgproto3. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message with a negative field length. This input validation vulnerability can lead to a denial of service (DoS) due to a slice bounds out of range panic.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Redhat	Acm Advanced Cluster Security Assisted Installer Enterprise Linux Multicluster Engine Multicluster Globalhub Openshift Openshift Ai Openshift Cluster Manager Cli Openshift Service On Aws Quay Trusted Artifact Signer

No data.

References

Link	Providers
https://access.redhat.com/security/cve/CVE-2026-4427
https://bugzilla.redhat.com/show_bug.cgi?id=2448626
https://github.com/golang/vulndb/issues/4518
https://github.com/jackc/pgproto3
https://github.com/jackc/pgx/issues/2507
https://securityinfinity.com/research/memory-safety-vulnerabilities-in-go-postgresql-wire-protocol-parsers-pgproto3-pgx

History

Thu, 19 Mar 2026 16:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 19 Mar 2026 14:45:00 +0000

Type	Values Removed	Values Added
Description		A flaw was found in pgproto3. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message with a negative field length. This input validation vulnerability can lead to a denial of service (DoS) due to a slice bounds out of range panic.
Title		Github.com/jackc/pgproto3: pgproto3: denial of service via negative field length in datarow message
First Time appeared		Redhat Redhat acm Redhat advanced Cluster Security Redhat assisted Installer Redhat enterprise Linux Redhat multicluster Engine Redhat multicluster Globalhub Redhat openshift Redhat openshift Ai Redhat openshift Cluster Manager Cli Redhat openshift Service On Aws Redhat quay Redhat trusted Artifact Signer
Weaknesses		CWE-129
CPEs		cpe:/a:redhat:acm:2 cpe:/a:redhat:advanced_cluster_security:4 cpe:/a:redhat:assisted_installer:2 cpe:/a:redhat:multicluster_engine cpe:/a:redhat:multicluster_globalhub cpe:/a:redhat:openshift:4 cpe:/a:redhat:openshift_ai cpe:/a:redhat:openshift_cluster_manager_cli:1 cpe:/a:redhat:openshift_service_on_aws:1 cpe:/a:redhat:quay:3 cpe:/a:redhat:trusted_artifact_signer:1 cpe:/o:redhat:enterprise_linux:10 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9
Vendors & Products		Redhat Redhat acm Redhat advanced Cluster Security Redhat assisted Installer Redhat enterprise Linux Redhat multicluster Engine Redhat multicluster Globalhub Redhat openshift Redhat openshift Ai Redhat openshift Cluster Manager Cli Redhat openshift Service On Aws Redhat quay Redhat trusted Artifact Signer
References		https://access.redhat.com/security/cve/CVE-2026-4427 https://bugzilla.redhat.com/show_bug.cgi?id=2448626 https://github.com/golang/vulndb/issues/4518 https://github.com/jackc/pgproto3 https://github.com/jackc/pgx/issues/2507 https://securityinfinity.com/research/memory-safety-vulnerabilities-in-go-postgresql-wire-protocol-parsers-pgproto3-pgx
Metrics		cvssV3_1 `{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}`

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2026-03-19T14:24:02.864Z

Updated: 2026-03-19T20:31:23.297Z

Reserved: 2026-03-19T12:54:24.750Z

Link: CVE-2026-4427

Vulnrichment

Updated: 2026-03-19T16:04:33.332Z

NVD

Status : Received

Published: 2026-03-19T15:16:28.710

Modified: 2026-03-19T15:16:28.710

Link: CVE-2026-4427

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object