Lucene search
JpcertCVELIST:CVE-2024-45624HistorySep 12, 2024 - 4:33 a.m.
CVE-2024-45624
2024-09-1204:33:40
jpcert
www.cve.org
2
cve-2024-45624
pgpool-ii
sensitive information
incompatible policies
unauthorized access
EPSS
0
Percentile
9.6%
Exposure of sensitive information due to incompatible policies issue exists in Pgpool-II. If a database user accesses a query cache, table data unauthorized for the user may be retrieved.
CNA Affected
[
{
"vendor": "PgPool Global Development Group",
"product": "Pgpool-II",
"versions": [
{
"version": "All versions of 3.2 series",
"status": "affected"
}
]
},
{
"vendor": "PgPool Global Development Group",
"product": "Pgpool-II",
"versions": [
{
"version": "4.5.0 to 4.5.3 (4.5 series)",
"status": "affected"
}
]
},
{
"vendor": "PgPool Global Development Group",
"product": "Pgpool-II",
"versions": [
{
"version": "4.4.0 to 4.4.8 (4.4 series)",
"status": "affected"
}
]
},
{
"vendor": "PgPool Global Development Group",
"product": "Pgpool-II",
"versions": [
{
"version": "4.3.0 to 4.3.11 (4.3 series)",
"status": "affected"
}
]
},
{
"vendor": "PgPool Global Development Group",
"product": "Pgpool-II",
"versions": [
{
"version": "4.2.0 to 4.2.18 (4.2 series)",
"status": "affected"
}
]
},
{
"vendor": "PgPool Global Development Group",
"product": "Pgpool-II",
"versions": [
{
"version": "4.1.0 to 4.1.21 (4.1 series)",
"status": "affected"
}
]
},
{
"vendor": "PgPool Global Development Group",
"product": "Pgpool-II",
"versions": [
{
"version": "All versions of 4.0 series",
"status": "affected"
}
]
},
{
"vendor": "PgPool Global Development Group",
"product": "Pgpool-II",
"versions": [
{
"version": "All versions of 3.7 series",
"status": "affected"
}
]
},
{
"vendor": "PgPool Global Development Group",
"product": "Pgpool-II",
"versions": [
{
"version": "All versions of 3.6 series",
"status": "affected"
}
]
},
{
"vendor": "PgPool Global Development Group",
"product": "Pgpool-II",
"versions": [
{
"version": "All versions of 3.5 series",
"status": "affected"
}
]
},
{
"vendor": "PgPool Global Development Group",
"product": "Pgpool-II",
"versions": [
{
"version": "All versions of 3.4 series",
"status": "affected"
}
]
},
{
"vendor": "PgPool Global Development Group",
"product": "Pgpool-II",
"versions": [
{
"version": "All versions of 3.3 series",
"status": "affected"
}
]
}
]Related
osv
osv
CVE-2024-45624
2024-09-12 05:15:05
nvd
nvd
CVE-2024-45624
2024-09-12 05:15:05
cve
cve
CVE-2024-45624
2024-09-12 05:15:05
jvn
jvn
JVN#67456481: Pgpool-II vulnerable to information disclosure
2024-09-09 00:00:00
vulnrichment
vulnrichment
CVE-2024-45624
2024-09-12 04:33:40
debiancve
debiancve
CVE-2024-45624
2024-09-12 05:15:05