Lucene search

CVE-2024-1597

🗓️ 19 Feb 2024 13:07:15Reported by GoogleType

osv🔗 osv.dev👁 23 Views

pgjdbc PostgreSQL JDBC driver allows SQL injection if using PreferQueryMode=SIMPLE. Versions before 42.7.2, 42.6.1, 42.5.5, 42.4.4, 42.3.9, and 42.2.8 affected

Reporter	Title	Published	Views	Family All 133
OSV	BIT-postgresql-jdbc-driver-2024-1597	12 Mar 202408:33	–	osv
OSV	org.postgresql:postgresql vulnerable to SQL Injection via line comment generation	21 Feb 202423:33	–	osv
OSV	Amazon JDBC Driver for Redshift SQL Injection via line comment generation	15 May 202417:10	–	osv
OSV	CVE-2024-32888	15 May 202403:15	–	osv
OSV	RHSA-2024:4402 Red Hat Security Advisory: postgresql-jdbc security update	18 Sep 202408:49	–	osv
OSV	RHSA-2024:1649 Red Hat Security Advisory: postgresql-jdbc: security update	18 Sep 202408:44	–	osv
OSV	CGA-FJG5-9M84-P3V7	6 Jun 202412:27	–	osv
OSV	CGA-5CMG-W6MR-WX73	6 Jun 202412:24	–	osv
OSV	Important: postgresql-jdbc security update	20 Mar 202400:00	–	osv
OSV	Important: postgresql-jdbc security update	27 Mar 202404:34	–	osv

Source	Link
github	www.github.com/pgjdbc/pgjdbc/security/advisories/GHSA-24rp-q3w6-vc56
security	www.security.netapp.com/advisory/ntap-20240419-0008/
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/TZQTSMESZD2RJ5XBPSXH3TIQVUW5DIUU/
openwall	www.openwall.com/lists/oss-security/2024/04/02/6
lists	www.lists.debian.org/debian-lts-announce/2024/05/msg00007.html
enterprisedb	www.enterprisedb.com/docs/jdbc_connector/latest/01_jdbc_rel_notes/
enterprisedb	www.enterprisedb.com/docs/security/assessments/cve-2024-1597/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

19 Feb 2024 13:15Current

9.6High risk

Vulners AI Score9.6

CVSS310

EPSS0.00281

SSVC