Lucene search
+L

79 matches found

vulnrichment
vulnrichment
added 2025/06/11 2:32 p.m.8 views

CVE-2025-49146 pgjdbc Client Allows Fallback to Insecure Authentication Despite channelBinding=require Configuration

pgjdbc is an open source postgresql JDBC Driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC driver is configured with channel binding set to required default value is prefer, the driver would incorrectly allow connections to proceed with authentication methods that do not support...

8.2CVSS7AI score0.00461EPSS
Exploits0References2
cvelist
cvelist
added 2025/06/11 2:32 p.m.47 views

CVE-2025-49146 pgjdbc Client Allows Fallback to Insecure Authentication Despite channelBinding=require Configuration

pgjdbc is an open source postgresql JDBC Driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC driver is configured with channel binding set to required default value is prefer, the driver would incorrectly allow connections to proceed with authentication methods that do not support...

8.2CVSS0.00461EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2025/06/11 12:0 a.m.3 views

PT-2025-25224

Name of the Vulnerable Software and Affected Versions pgjdbc versions 42.7.4 through 42.7.6 Description The issue arises when the PostgreSQL JDBC driver is configured with channel binding set to required, allowing connections to proceed with authentication methods that do not support channel...

8.5CVSS7.3AI score0.00461EPSS
Exploits0References34
nessus
nessus
added 2025/05/14 12:0 a.m.10 views

Alibaba Cloud Linux 3 : 0089: postgresql-jdbc (ALINUX3-SA-2024:0089)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0089 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-1597: pgjdbc, the PostgreSQL JDBC Driver,...

10CVSS7.9AI score0.0481EPSS
Exploits0References2
nessus
nessus
added 2025/05/14 12:0 a.m.10 views

Alibaba Cloud Linux 3 : 0069: postgresql-jdbc (ALINUX3-SA-2022:0069)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0069 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-13692: PostgreSQL JDBC Driver aka PgJDBC...

7.7CVSS7.5AI score0.04094EPSS
Exploits0References2
nessus
nessus
added 2025/05/14 12:0 a.m.8 views

Alibaba Cloud Linux 3 : 0065: postgresql-jdbc (ALINUX3-SA-2023:0065)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0065 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-41946: pgjdbc is an open source postgresql...

5.5CVSS6.3AI score0.0048EPSS
Exploits1References2
ibm
ibm
added 2025/03/26 2:36 a.m.48 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.1

Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.1 Vulnerability Details CVEID:CVE-2022-21724 DESCRIPTION: PostgreSQL JDBC Driver PgJDBC could allow a remote authenticated attack...

9.8CVSS9.4AI score0.05664EPSS
Exploits9Affected Software1
nessus
nessus
added 2025/03/05 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2022-31197

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PostgreSQL JDBC Driver PgJDBC for short allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. The PGJDBC...

8CVSS6.8AI score0.0167EPSS
Exploits1References3
nessus
nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-1597

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no...

10CVSS7.7AI score0.0481EPSS
Exploits0References3
nessus
nessus
added 2025/03/05 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2022-21724

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system usi...

9.8CVSS8.3AI score0.0301EPSS
Exploits1References3
spring
spring
added 2024/12/03 12:0 a.m.12 views

This Week in Spring - December 3rd, 2024

Hi, Spring fans! Welcome to another installment of This Week in Spring! It's the first week of December and I am in the amazing city of Perth, Australia. Perth, for those of you who don't know, is amazing. And well worth the journey. But it is quite the journey! 27 hours, door-to-door, from San...

7.1AI score
Exploits0
vulncheck_kev
vulncheck_kev
added 2024/10/30 12:0 a.m.2 views

VulnCheck KEV: CVE-2024-1597

pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a...

10CVSS7.2AI score0.0481EPSS
Exploits0References1
redhat
redhat
added 2024/08/06 4:51 p.m.33 views

Important: Red Hat Security Advisory: Red Hat Integration Camel K 1.10.7 release and security update.

Red Hat Integration Camel K 1.10.7 release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

10CVSS7.2AI score0.0481EPSS
Exploits0References2
redhat
redhat
added 2024/06/24 1:38 a.m.29 views

Important: Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.33.0 security update & enhancements

Release of OpenShift Serverless Logic 1.33.0 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

10CVSS6.9AI score0.0481EPSS
Exploits1References9
nessus
nessus
added 2024/05/27 12:0 a.m.42 views

Atlassian Confluence 6.0.1 < 7.19.22 / 7.20.x < 8.5.9 / 8.6.x < 8.9.1 SQLI (CONFSERVER-95837)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-95837 advisory. - pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mo...

10CVSS7.8AI score0.0481EPSS
Exploits0References4
nessus
nessus
added 2024/05/14 12:0 a.m.19 views

Rocky Linux 9 : postgresql-jdbc (RLSA-2024:1436)

The remote Rocky Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2024:1436 advisory. - pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is n...

10CVSS7.9AI score0.0481EPSS
Exploits0References3
ibm
ibm
added 2024/04/30 5:34 p.m.44 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in postgresql-42.3.2.jar

Summary IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in postgresql-42.3.2.jar Vulnerability Details CVEID:CVE-2024-1597 DESCRIPTION: PostgreSQL JDBC Driver PgJDBC is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements when using...

10CVSS9.6AI score0.0481EPSS
Exploits0Affected Software1
nessus
nessus
added 2024/04/29 12:0 a.m.10 views

Fedora 40 : postgresql-jdbc (2024-ed884c3203)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-ed884c3203 advisory. This rebase fixes CVE-2024-1597. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

10CVSS7.8AI score0.0481EPSS
Exploits0References2
openvas
openvas
added 2024/04/12 12:0 a.m.26 views

Mageia: Security Advisory (MGASA-2024-0120)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.6AI score0.0481EPSS
Exploits0References4
osv
osv
added 2024/04/11 11:58 p.m.10 views

MGASA-2024-0120 Updated postgresql-jdbc packages fix security vulnerability

pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a strin...

10CVSS7.8AI score0.0481EPSS
Exploits0References3
Rows per page
Query Builder