AikidoSec · willem-delbare · Feb 3, 2025 · Feb 3, 2025 · Feb 3, 2025 · Feb 3, 2025
diff --git a/vulnerabilities/AIKIDO-2025-10069.json b/vulnerabilities/AIKIDO-2025-10069.json
@@ -0,0 +1,28 @@
+{
+  "package_name": "postgres-types",
+  "patch_versions": [
+    "0.2.9"
+  ],
+  "vulnerable_ranges": [
+    [
+      "0.1.0",
+      "0.2.8"
+    ]
+  ],
+  "cwe": [
+    "CWE-248",
+    "CWE-400"
+  ],
+  "tldr": "Affected versions of this package are vulnerable to uncaught exceptions. A panic occurs when attempting to retrieve a `PrimitiveDateTime` value in the `from_sql` function, if it is set to infinity. This issue can cause unexpected crashes, potential denial-of-service (DoS) conditions, or instability in applications relying on this functionality.",
+  "doest_this_affect_me": "You are affected if you are using a version that falls within the vulnerable range.",
+  "how_to_fix": "Upgrade the `postgres-types` library to the patch version.",
+  "reporter": "",
+  "vulnerable_to": "Uncaught Exception",
+  "related_cve_id": "",
+  "language": "RUST",
+  "severity_class": "LOW",
+  "aikido_score": 18,
+  "changelog": "https://github.com/sfackler/rust-postgres/blob/master/postgres-types/CHANGELOG.md",
+  "last_modified": "2025-02-03",
+  "published": "2025-02-03"
+}