JLSEC-2026-29

🗓️ 03 Apr 2026 13:27:15Reported by GoogleType

osv

osv🔗 osv.dev👁 1 Views

Trust or certificate authentication allows MITM to inject SQL at connection start despite SSL.

Reporter	Title	Published	Views	Family All 266
IBM Security Bulletins	Security Bulletin: A security vulnerability inPostgreSQL affects IBM Cloud Pak for Multicloud Management Infrastructure Management	21 Oct 202217:09	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities	13 Jan 202215:19	–	ibm
IBM Security Bulletins	Security Bulletin: Due to use of PostgreSQL, IBM Robotic Process Automation with Automation Anywhere is vulnerable to SQL injection (CVE-2021-23214)	1 Apr 202215:08	–	ibm
IBM Security Bulletins	Security Bulletin: EDB Postgres Advanced Server with IBM and IBM Data Management Platform for EDB Postgres (Standard or Enterprise) for IBM Cloud Pak for Data are vulnerable to SQL injection from "man-in-the-middle" attack.	10 Feb 202217:57	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in PostgreSQL, Node.js, and Data Tables from Spry Media may affect IBM Spectrum Protect Plus	31 Jan 202218:22	–	ibm
IBM Security Bulletins	Security Bulletin: EDB PostreSQL with IBM, EDB Postgres Advanced Server with IBM, IBM Data Management Platform (Enterprise, Standard) are vulnerable to an SQL Injection (CVE-2021-23214)	3 Dec 202120:39	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Data Management Platform for EDB Postgres (Standard and Enterprise) for IBM Cloud Pak for Data are vulnerable to SQL injection from "man-in-the-middle" attack	11 Feb 202217:37	–	ibm
IBM Security Bulletins	Security Bulletin: SQL injection vulnerability in PostgreSQL affects IBM Connect:Direct Web Services (CVE-2021-23214)	1 Mar 202219:13	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM is vulnerable to using components with Known Vulnerabilities	25 Apr 202214:44	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Polkit, PostgreSQL, OpenSSL, OpenSSH, and jQuery affect IBM Spectrum Copy Data Management	12 Mar 202201:53	–	ibm

Source	Link
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
git	www.git.postgresql.org/gitweb/
github	www.github.com/postgres/postgres/commit/28e24125541545483093819efae9bca603441951
security	www.security.gentoo.org/glsa/202211-04
postgresql	www.postgresql.org/support/security/CVE-2021-23214/
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
git	www.git.postgresql.org/gitweb/
github	www.github.com/postgres/postgres/commit/28e24125541545483093819efae9bca603441951
security	www.security.gentoo.org/glsa/202211-04
postgresql	www.postgresql.org/support/security/CVE-2021-23214/

03 Apr 2026 13:30Current

6.9Medium risk

Vulners AI Score6.9

CVSS 25.1

CVSS 3.18.1

EPSS0.00193

trust authentication certificate authentication sql injection man in middle ssl verification