39 matches found
MiracleLinux 9 : postgresql-jdbc-42.2.18-6.el9 (AXSA:2023-4969:01)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-4969:01 advisory. postgresql: SQL Injection in ResultSet.refreshRow with malicious column names CVE-2022-31197 Tenable has extracted the preceding description block directly...
VulnCheck KEV: CVE-2022-31197
PostgreSQL JDBC Driver PgJDBC for short allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. The PGJDBC implementation of the java.sql.ResultRow.refreshRow method is not performing escaping of column names so a malicious column name that contain...
Linux Distros Unpatched Vulnerability : CVE-2022-31197
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PostgreSQL JDBC Driver PgJDBC for short allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. The PGJDBC...
Debian: Security Advisory (DLA-3995-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 9 : postgresql-jdbc-42.2.18-6.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the postgresql-jdbc-42.2.18-6.el9 build changelog. - PostgreSQL JDBC Driver PgJDBC for short allows Java programs to connect to a PostgreSQL database using standard, database independent Ja...
Rocky Linux 9 : postgresql-jdbc (RLSA-2023:0318)
The remote Rocky Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2023:0318 advisory. - PostgreSQL JDBC Driver PgJDBC for short allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. The PGJDBC...
Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities
Summary IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security...
Security Bulletin: IBM Security Verify Information Queue has multiple third-party library vulnerabilities
Summary IBM Security Verify Information Queue ISIQ v10.0.5 has remediated vulnerabilities in the third-party libraries that it uses. Vulnerability Details CVEID:CVE-2022-41946 DESCRIPTION: Postgresql JDBC could allow a local authenticated attacker to obtain sensitive information, caused by not...
Security Bulletin: IBM Security Verify Governance is vulnerable to arbitrary code execution, sensitive information exposure and unauthorized access due to PostgreSQL
Summary IBM Security Verify Governance is vulnerable to arbitrary code execution, sensitive information exposure and unauthorized access due to vulnerabilities in PostgreSQL JAR CVE-2022-26520, CVE-2022-21724, CVE-2020-13692, CVE-2022-31197, 220313. The fix involves upgrading the PostgreSQL JAR t...
AlmaLinux 9 : postgresql-jdbc (ALSA-2023:0318)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:0318 advisory. - PostgreSQL JDBC Driver PgJDBC for short allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. The PGJDBC...
postgresql-jdbc security update
42.2.18-6 - fix for CVE-2022-31197 Tue Aug 10 2021 Mohan Boddu - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz1991688...
Oracle Linux 9 : postgresql-jdbc (ELSA-2023-0318)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-0318 advisory. - fix for CVE-2022-31197 Tue Aug 10 2021 Mohan Boddu Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Not...
RLSA-2023:0318 Moderate: postgresql-jdbc security update
PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Security Fixes: postgresql: SQL Injection in ResultSet.refreshRow with malicious column names CVE-2022-31197 For mo...
postgresql-jdbc security update
An update is available for postgresql-jdbc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list PostgreSQL is an advanced object-relational database management syste...
RHEL 9 : postgresql-jdbc (RHSA-2023:0318)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:0318 advisory. PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs ...
Moderate: postgresql-jdbc security update
PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Security Fixes: postgresql: SQL Injection in ResultSet.refreshRow with malicious column names CVE-2022-31197 For mo...
Fedora 35 : postgresql-jdbc (2022-cdeabe1bc0)
The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-cdeabe1bc0 advisory. Security fix for CVE-2022-31197. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...
Fedora 36 : postgresql-jdbc (2022-d7d49b2fac)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-d7d49b2fac advisory. Security fix for CVE-2022-31197 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
Important: Red Hat Security Advisory: Red Hat build of Quarkus 2.13.5 release and security update
An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...
EulerOS 2.0 SP8 : postgresql-jdbc (EulerOS-SA-2022-2803)
According to the versions of the postgresql-jdbc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - PostgreSQL JDBC Driver PgJDBC for short allows Java programs to connect to a PostgreSQL database using standard, database independent Ja...