
github.com/go-pg/pg/v9
Package pg implements a PostgreSQL client. go-pg recognizes `?` in queries as placeholders and replaces them with parameters when queries are executed. `?` can be escaped with backslash. Parameters are escaped before replacing according to PostgreSQL rules. Specifically:
Security Advisories for github.com/go-pg/pg/v9 in go
Moderate
4 months ago
go-pg SQL injection vulnerability via the component /types/append_value.go
go
github.com/go-pg/pg, github.com/go-pg/pg/v9