cve/2024/CVE-2024-10977.md

### [CVE-2024-10977](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10977)
![](https://img.shields.io/static/v1?label=Product&message=PostgreSQL&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=13%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=14%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=15%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=16%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=17%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Use%20of%20Less%20Trusted%20Source&color=brightgreen)

### Description

Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to the libpq application.  For example, a man-in-the-middle attacker could send a long error message that a human or screen-scraper user of psql mistakes for valid query results.  This is probably not a concern for clients where the user interface unambiguously indicates the boundary between one error message and other text.  Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/adegoodyer/kubernetes-admin-toolkit
- https://github.com/lekctut/sdb-hw-13-01
- https://github.com/pedr0alencar/vlab-metasploitable2
- https://github.com/willtemperley/swift-postgres-client