1813 matches found
RHEL 10 : postgresql-jdbc (RHSA-2026:24348)
The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:24348 advisory. PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java program...
RHEL 9 : postgresql-jdbc (RHSA-2026:22304)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:22304 advisory. PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs...
Untrusted Search Path
Overview software.amazon.jdbc:aws-advanced-jdbc-wrapper is an Amazon Web Services AWS Advanced JDBC Wrapper Affected versions of this package are vulnerable to Untrusted Search Path in the GlobalAuroraPgDialect, which is included in the public schema. A low-privileged user can elevate privileges ...
io.camunda:camunda-zeebe (>=8.9.0 <=8.10.0-alpha1-rc3), org.finos.legend.engine:legend-engine-xt-relationalStore-aurora-execution (>=4.128.0 <=4.131.0) +3 more potentially affected by CVE-2026-11400 via software.amazon.jdbc:aws-advanced-jdbc-wrapper (>=3.2.0 <=4.0.0)
software.amazon.jdbc:aws-advanced-jdbc-wrapper MAVEN version =3.2.0, =8.9.0, =4.128.0, =4.131.0 - org.wildfly:wildfly-datasources-galleon-pack =11.4.0.Final - org.wildfly:wildfly-datasources-galleon-pack-common =11.4.0.Final - org.wildfly:wildfly-datasources-preview-galleon-pack =11.4.0.Final...
CVE-2026-11400
An untrusted search path issue in the GlobalDatabasePlugin in the AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL will allow a remote authenticated low-privilege actor to escalate privileges to those of another Amazon RDS user, including rdssuperuser, via a crafted function created by the...
CVE-2026-8178
An issue exists in Amazon Redshift JDBC Driver versions prior to 2.2.2. Under certain conditions, the driver could load and execute arbitrary classes when processing JDBC connection URL parameters. An actor who can influence the connection URL could potentially execute code in the application...
CVE-2026-11400 Privilege Escalation in AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL
An untrusted search path issue in the GlobalDatabasePlugin in the AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL will allow a remote authenticated low-privilege actor to escalate privileges to those of another Amazon RDS user, including rdssuperuser, via a crafted function created by the...
PT-2026-47034
Name of the Vulnerable Software and Affected Versions AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL versions prior to 4.0.1 Description An untrusted search path issue exists in the GlobalDatabasePlugin. This allows a remote authenticated low-privilege actor to escalate privileges to thos...
Amazon Web Services JDBC Driver 安全漏洞
The Amazon Web Services JDBC Driver is an open-source Go language wrapper developed by Amazon Web Services. There is a security vulnerability in the Amazon Web Services JDBC Driver, which stems from an unreliable search path issue in the GlobalDatabasePlugin. This vulnerability allows remote,...
RockyLinux 9 : postgresql-jdbc (RLSA-2026:22304)
The remote RockyLinux 9 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2026:22304 advisory. jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication CVE-2026-42198 Tenable has extracted the preceding...
RLSA-2026:22304 Important: postgresql-jdbc security update
PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Security Fixes: jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authenticati...
postgresql-jdbc security update
An update is available for postgresql-jdbc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list PostgreSQL is an advanced object-relational database management syste...
RHSA-2026:22304 Red Hat Security Advisory: postgresql-jdbc security update
Bulletin has no description...
Important: Red Hat Security Advisory: postgresql-jdbc security update
An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...
Important: postgresql-jdbc security update
PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Security Fixes: jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authenticati...
Security update for postgresql-jdbc (important)
openSUSE security update: security update for postgresql-jdbc ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20847-1 Rating: important References: bsc1264174 Cross-References: CVE-2026-42198 CVSS scores: CVE-2026-42198 SUSE : 7.5...
OPENSUSE-SU-2026:20847-1 Security update for postgresql-jdbc
This update for postgresql-jdbc fixes the following issue - CVE-2026-42198: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication bsc1264174...
SUSE-SU-2026:22000-1 Security update for postgresql-jdbc
This update for postgresql-jdbc fixes the following issue - CVE-2026-42198: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication bsc1264174...
SUSE SLES15 Security Update : postgresql-jdbc (SUSE-SU-2026:2028-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:2028-1 advisory. This update for postgresql-jdbc fixes the following issue - CVE-2026-42198: client-side denial of service via malicious SCRAM-SHA-256...
OESA-2026-2445 postgresql-jdbc security update
PostgreSQL JDBC Driver PgJDBC for short allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. Is an open source JDBC driver written in Pure Java Type 4, and communicates in the PostgreSQL native network protocol. Security Fixes: pgjdbc is an open...