9 matches found
Fedora 42 : pgbouncer (2026-cf2ba5b766)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-cf2ba5b766 advisory. Update to 1.25.2. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...
CVE-2025-12819 vulnerabilities
Vulnerabilities for packages: pgbouncer...
Debian: Security Advisory (DLA-4422-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 4422-1] pgbouncer security update
Debian LTS Advisory DLA-4422-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson December 27, 2025 https://wiki.debian.org/LTS Package : pgbouncer Version : 1.15.0-1+deb11u2 CVE ID : CVE-2025-12819 Debian Bug : PgBouncer is a lightweight connection pooler for...
Debian dla-4422 : pgbouncer - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4422 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4422-1 [email protected] https://www.debian.org/lts/security/...
CVE-2025-12819 vulnerabilities
Vulnerabilities for packages: pgbouncer...
Linux Distros Unpatched Vulnerability : CVE-2025-12819
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Untrusted search path in authquery connection handler in PgBouncer before 1.25.1 allows an unauthenticated attacker to execute arbitrary SQL during authenticati...
AZL-71249 CVE-2025-12819 affecting package pgbouncer for versions less than 1.25.1-1
Untrusted search path in authquery connection handler in PgBouncer before 1.25.1 allows an unauthenticated attacker to execute arbitrary SQL during authentication via a malicious searchpath parameter in the StartupMessage...
AZL-71438 CVE-2025-12819 affecting package pgbouncer for versions less than 1.25.1-1
Untrusted search path in authquery connection handler in PgBouncer before 1.25.1 allows an unauthenticated attacker to execute arbitrary SQL during authentication via a malicious searchpath parameter in the StartupMessage...