10 matches found
Atlassian Confluence 9.2.8 < 9.2.11 (CONFSERVER-101842)
The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101842 advisory. - pgjdbc is an open source postgresql JDBC Driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC driver is configured with channel binding...
Security Bulletin: IBM Datapower Operations Dashboard could allow allow a man-in-the-middle attacker to intercept connections CVE-2025-49146
Summary postgresql is used in KeyCloak which is used by the IBM Datapower Operations Dashboard for authentication and authorization Vulnerability Details CVEID:CVE-2025-49146 DESCRIPTION: pgjdbc is an open source postgresql JDBC Driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC drive...
Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in postgresql-42.7.6.jar
Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of postgresql-42.7.6.jar Vulnerability Details CVEID:CVE-2025-49146 DESCRIPTION: pgjdbc is an open source postgresql JDBC Driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC driver is configured with channel bindin...
postgresql-jdbc-42.7.7-1.1 on GA media (moderate)
postgresql-jdbc-42.7.7-1.1 on GA media Announcement ID: openSUSE-SU-2025:15264-1 Rating: moderate Cross-References: CVE-2025-49146 CVSS scores: CVE-2025-49146 SUSE : 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N CVE-2025-49146 SUSE : 8.3...
CVE-2025-49146 vulnerabilities
Vulnerabilities for packages: liquibase, sonarqube-10, apicurio-registry, keycloak...
CVE-2025-49146 vulnerabilities
Vulnerabilities for packages: keycloak, keycloak-fips, camunda-zeebe, apicurio-registry, liquibase, sonarqube-10...
CVE-2025-49146
creationtimestamp| type| source ---|---|--- 2025-06-11 17:40:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lrdxcbi7pk2m 2025-06-11 20:15:58+00:00| seen| Telegram/nn4r48fMtsoF4yprR5SnwOJcbR44UlHSPFU-GpYRsWktOw 2025-06-13 14:03:45+00:00| seen|...
CVE-2025-49146
pgjdbc is an open source postgresql JDBC Driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC driver is configured with channel binding set to required default value is prefer, the driver would incorrectly allow connections to proceed with authentication methods that do not support...
UBUNTU-CVE-2025-49146
pgjdbc is an open source postgresql JDBC Driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC driver is configured with channel binding set to required default value is prefer, the driver would incorrectly allow connections to proceed with authentication methods that do not support...
CVE-2025-49146 pgjdbc Client Allows Fallback to Insecure Authentication Despite channelBinding=require Configuration
pgjdbc is an open source postgresql JDBC Driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC driver is configured with channel binding set to required default value is prefer, the driver would incorrectly allow connections to proceed with authentication methods that do not support...