postgrex

0.22.2

1.0.0-rc.1 retired 1.0.0-rc.0 retired 0.22.2 0.22.1 0.22.0 0.21.1 0.21.0 0.20.0 0.19.3 0.19.2 0.19.1 0.19.0 0.18.0 0.17.5 0.17.4 0.17.3 0.17.2 0.17.1 0.17.0 0.16.5 0.16.4 0.16.3 0.16.2 0.16.1 0.16.0 0.15.13 0.15.12 0.15.11 0.15.10 0.15.9 0.15.8 0.15.7 0.15.6 0.15.5 0.15.4 0.15.3 0.15.2 0.15.1 0.15.0 0.14.3 0.14.2 0.14.1 0.14.0 0.14.0-rc.1 0.14.0-rc.0 0.13.5 0.13.4 0.13.3 0.13.2 0.13.1 0.13.0 0.13.0-rc.0 0.12.2 0.12.1 0.12.0 0.11.2 0.11.1 0.11.0 0.10.0 0.9.1 0.9.0 0.8.4 0.8.3 0.8.2 0.8.1 0.8.0 0.7.0 0.6.0 0.5.5 0.5.4 0.5.3 0.5.2 0.5.1 0.5.0 0.4.2

PostgreSQL driver for Elixir

HexDocs HexPreview

Current section

1 Advisory

Jump to

Readme 75 Versions 4 Dependencies 485 Dependants 1 Advisory Activity

EEF-CVE-2026-32687 CVE-2026-32687 GHSA-r73h-97w8-m54h

SQL injection via channel name in Postgrex.Notifications.listen/3 and unlisten/3

May 12, 2026

CVSS

7.5 / 10.0 High

CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Versions

>= 0.16.0 and < 0.22.2

References

Checksum

Dependency Config

mix.exs

rebar.config

Gleam

erlang.mk

Package Details

Downloads Last 30 days, all versions

this version

300 309

yesterday

47 682

last 7 days

249 043

all time

135 585 620

Last Updated

May 12, 2026

License

Apache-2.0

Build Tools

mix

Publisher

josevalim

Operator	Description	Example
name:	Match package name. Supports * wildcards and repo/package form	name:phx* or name:hexpm/phoenix
description:	Full-text search of package descriptions	description:auth
depends:	Packages depending on a given package. Supports repo:package form	depends:ecto or depends:hexpm:ecto
build_tool:	Filter by build tool	build_tool:mix
updated_after:	Packages updated after an ISO8601 datetime	updated_after:2025-01-01T00:00:00Z
extra:	Match custom metadata (key,value). Nested keys are separated by commas	extra:license,MIT

postgrex

Checksum

Dependency Config

Package Details

Links

Owners

Search filters