Lucene search
FedoraCVELIST:CVE-2021-3935HistoryNov 22, 2021 - 3:59 p.m.
CVE-2021-3935
2021-11-2215:59:14
CWE-89
fedora
www.cve.org
6
pgbouncer
authentication
vulnerability
tls
injection
sql
encryption
flaw
cve-2021-3935
When PgBouncer is configured to use “cert” authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate verification and encryption. This flaw affects PgBouncer versions prior to 1.16.1.
CNA Affected
[
{
"product": "pgbouncer",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "PgBouncer 1.16.1"
}
]
}
]Related
prion
prion
Sql injection
2021-11-22 16:15:00
osv
osv
pgbouncer - security update
2022-02-14 00:00:00
BIT-pgbouncer-2021-3935
2024-03-06 11:01:06
cve
cve
CVE-2021-3935
2021-11-22 16:15:07
openvas
openvas
Debian: Security Advisory (DLA-2922-1)
2022-02-16 00:00:00
Fedora: Security Advisory for pgbouncer (FEDORA-2021-761cda0b77)
2022-01-01 00:00:00
alpinelinux
alpinelinux
CVE-2021-3935
2021-11-22 16:15:07
ubuntucve
ubuntucve
CVE-2021-3935
2021-11-22 00:00:00
nvd
nvd
CVE-2021-3935
2021-11-22 16:15:07
veracode
veracode
Man-in-the-Middle Attack
2021-12-10 17:54:15
cbl_mariner
cbl_mariner
CVE-2021-3935 affecting package pgbouncer 1.11.0-2
2021-12-17 20:09:29
debian
debian
[SECURITY] [DLA 2922-1] pgbouncer security update
2022-02-14 12:55:33
nessus
nessus
Photon OS 4.0: Pgbouncer PHSA-2022-4.0-0267
2024-07-23 00:00:00
Debian DLA-2922-1 : pgbouncer - LTS security update
2022-02-14 00:00:00
debiancve
debiancve
CVE-2021-3935
2021-11-22 16:15:07
photon
photon
Important Photon OS Security Update - PHSA-2022-3.0-0473
2022-10-21 00:00:00
Important Photon OS Security Update - PHSA-2022-0267
2022-10-21 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0267
2022-10-21 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: pgbouncer-1.16.1-1.fc35
2021-12-31 01:21:38