Fedora 42 : pgbouncer (2026-cf2ba5b766)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-cf2ba5b766 advisory. Update to 1.25.2. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

Fedora 44 : pgbouncer (2026-d3d959a176)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-d3d959a176 advisory. Update to 1.25.2. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

CVE-2025-12819 vulnerabilities

Vulnerabilities for packages: pgbouncer...

Debian: Security Advisory (DLA-4422-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 4422-1] pgbouncer security update

Debian LTS Advisory DLA-4422-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson December 27, 2025 https://wiki.debian.org/LTS Package : pgbouncer Version : 1.15.0-1+deb11u2 CVE ID : CVE-2025-12819 Debian Bug : PgBouncer is a lightweight connection pooler for...

Debian dla-4422 : pgbouncer - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4422 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4422-1 [email protected] https://www.debian.org/lts/security/...

CVE-2025-12819 vulnerabilities

Vulnerabilities for packages: pgbouncer...

CVE-2025-12819

creationtimestamp| type| source ---|---|--- 2025-12-04 04:00:15+00:00| seen| https://bsky.app/profile/PostgreSQL.activitypub.awakari.com.ap.brid.gy/post/3m753i5gzqi62 2025-12-04 14:50:25+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3m767tiweqz2l 2025-12-07 10:34:04+00:00| seen|...

Linux Distros Unpatched Vulnerability : CVE-2025-12819

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Untrusted search path in authquery connection handler in PgBouncer before 1.25.1 allows an unauthenticated attacker to execute arbitrary SQL during authenticati...

AZL-71249 CVE-2025-12819 affecting package pgbouncer for versions less than 1.25.1-1

Untrusted search path in authquery connection handler in PgBouncer before 1.25.1 allows an unauthenticated attacker to execute arbitrary SQL during authentication via a malicious searchpath parameter in the StartupMessage...

AZL-71438 CVE-2025-12819 affecting package pgbouncer for versions less than 1.25.1-1

Untrusted search path in authquery connection handler in PgBouncer before 1.25.1 allows an unauthenticated attacker to execute arbitrary SQL during authentication via a malicious searchpath parameter in the StartupMessage...

CVE-2025-12819

Untrusted search path in authquery connection handler in PgBouncer before 1.25.1 allows an unauthenticated attacker to execute arbitrary SQL during authentication via a malicious searchpath parameter in the StartupMessage...