62 matches found
MiracleLinux 7 : postgresql-jdbc-9.2.1002-8.el7 (AXSA:2020-252:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-252:01 advisory. postgresql-jdbc: XML external entity XXE vulnerability in PgSQLXML CVE-2020-13692 This update introduces a backwards incompatible change required to resolve...
MiracleLinux 8 : postgresql-jdbc-42.2.3-3.el8 (AXSA:2020-847:03)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-847:03 advisory. postgresql-jdbc: XML external entity XXE vulnerability in PgSQLXML CVE-2020-13692 Tenable has extracted the preceding description block directly from the...
Rocky Linux 8 : postgresql-jdbc (RLSA-2020:3176)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2020:3176 advisory. - PostgreSQL JDBC Driver aka PgJDBC before 42.2.13 allows XXE. CVE-2020-13692 Note that Nessus has not tested for this issue but has instead relied only on the...
Ubuntu 18.04 ESM / 20.04 ESM : PostgreSQL JDBC Driver vulnerability (USN-5238-1)
The remote Ubuntu 18.04 ESM / 20.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-5238-1 advisory. It was discovered that PostgreSQL JDBC Driver incorrectly handled certain requests from external entities. A remote attacker could use this...
K23157312: PostgreSQL vulnerability CVE-2020-13692
Security Advisory Description PostgreSQL JDBC Driver aka PgJDBC before 42.2.13 allows XXE. CVE-2020-13692 Impact F5 does not know of any specific F5 attack vectors; however, the threat could theoretically affect system availability and data confidentiality. Security Advisory Status F5 Product...
Security Bulletin: IBM Security Verify Governance is vulnerable to arbitrary code execution, sensitive information exposure and unauthorized access due to PostgreSQL
Summary IBM Security Verify Governance is vulnerable to arbitrary code execution, sensitive information exposure and unauthorized access due to vulnerabilities in PostgreSQL JAR CVE-2022-26520, CVE-2022-21724, CVE-2020-13692, CVE-2022-31197, 220313. The fix involves upgrading the PostgreSQL JAR t...
SUSE CVE-2020-13692
PostgreSQL JDBC Driver aka PgJDBC before 42.2.13 allows XXE...
Security Bulletin: IBM Security Guardium is affected by a postgresql-42.0.0.jar vulnerability
Summary IBM Security Guardium has fixed this vulnerability Vulnerability Details CVEID:CVE-2020-13692 DESCRIPTION: PostgreSQL JDBC Driver could allow a remote authenticated attacker to obtain sensitive information, caused by an XML external entity XXE error when processing XML data. By sending...
Debian DSA-5196-1 : libpgjava - security update
The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5196 advisory. - PostgreSQL JDBC Driver aka PgJDBC before 42.2.13 allows XXE. CVE-2020-13692 - pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in th...
AlmaLinux 8 : postgresql-jdbc (ALSA-2020:3176)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:3176 advisory. - PostgreSQL JDBC Driver aka PgJDBC before 42.2.13 allows XXE. CVE-2020-13692 Note that Nessus has not tested for this issue but has instead relied only on the...
Mageia: Security Advisory (MGASA-2020-0319)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.05 / MAIN 5.05 : postgresql-jdbc Vulnerability (NS-SA-2021-0143)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has postgresql-jdbc packages installed that are affected by a vulnerability: - PostgreSQL JDBC Driver aka PgJDBC before 42.2.13 allows XXE. CVE-2020-13692 Note that Nessus has not tested for this issue but has instead relied on...
Security Bulletin: IBM Disconnected Log Collector is vulnerable to using components with known vulnerabilities (CVE-2016-3506, CVE-2020-13692)
Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2016-3506 DESCRIPTION: An unspecified vulnerability in multiple Oracle products could allow an unauthenticated attacker to take...
Amazon Linux AMI : postgresql-jdbc (ALAS-2021-1533)
The version of postgresql-jdbc installed on the remote host is prior to 8.4.704-4.13. It is, therefore, affected by a vulnerability as referenced in the ALAS-2021-1533 advisory. A flaw was found in PostgreSQL JDBC in versions prior to 42.2.13. An XML External Entity XXE weakness was found in...
F5 Networks BIG-IP : PostgreSQL vulnerability (K23157312)
PostgreSQL JDBC Driver aka PgJDBC before 42.2.13 allows XXE. CVE-2020-13692 Impact F5 does not know of any specific F5 attack vectors; however,the threat could theoretically affectsystem availability and data confidentiality. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive te...
SUSE: Security Advisory (SUSE-SU-2021:0599-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL MAIN 6.02 : postgresql-jdbc Vulnerability (NS-SA-2021-0087)
The remote NewStart CGSL host, running version MAIN 6.02, has postgresql-jdbc packages installed that are affected by a vulnerability: - PostgreSQL JDBC Driver aka PgJDBC before 42.2.13 allows XXE. CVE-2020-13692 Note that Nessus has not tested for this issue but has instead relied only on the...
NewStart CGSL CORE 5.04 / MAIN 5.04 : postgresql-jdbc Vulnerability (NS-SA-2021-0010)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has postgresql-jdbc packages installed that are affected by a vulnerability: - PostgreSQL JDBC Driver aka PgJDBC before 42.2.13 allows XXE. CVE-2020-13692 Note that Nessus has not tested for this issue but has instead relied on...
Huawei EulerOS: Security Advisory for postgresql-jdbc (EulerOS-SA-2021-1349)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP8 : postgresql-jdbc (EulerOS-SA-2021-1165)
According to the version of the postgresql-jdbc package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in PostgreSQL JDBC in versions prior to 42.2.13. An XML External Entity XXE weakness was found in PostgreSQL JDBC. The...