Lucene search
K

311 matches found

Fedora
Fedora
added 2019/03/12 9:45 p.m.45 views

[SECURITY] Fedora 28 Update: postgresql-jdbc-42.2.5-2.fc28

PostgreSQL is an advanced Object-Relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database...

8.1CVSS2.1AI score0.0291EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2018/10/19 4:53 p.m.35 views

Moderate severity vulnerability that affects org.postgresql:pgjdbc-aggregate

A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a host name verifier was not provided to the driver. This could lead to a condition where a man-in-the-middle attacker could masquerade as a trusted server by...

8.1CVSS3.2AI score0.0291EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2018/10/19 4:53 p.m.23 views

GHSA-568Q-9FW5-28WF Moderate severity vulnerability that affects org.postgresql:pgjdbc-aggregate

A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a host name verifier was not provided to the driver. This could lead to a condition where a man-in-the-middle attacker could masquerade as a trusted server by...

8.1CVSS7.7AI score0.0291EPSS
Exploits0References6
NVD
NVD
added 2018/08/30 1:29 p.m.20 views

CVE-2018-10936

A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a host name verifier was not provided to the driver. This could lead to a condition where a man-in-the-middle attacker could masquerade as a trusted server by...

8.1CVSS7.8AI score0.0291EPSS
Exploits0References4
OSV
OSV
added 2018/08/30 1:29 p.m.26 views

CVE-2018-10936

A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a host name verifier was not provided to the driver. This could lead to a condition where a man-in-the-middle attacker could masquerade as a trusted server by...

8.1CVSS6.5AI score0.0291EPSS
Exploits0References4
OSV
OSV
added 2018/08/30 1:29 p.m.2 views

UBUNTU-CVE-2018-10936

A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a host name verifier was not provided to the driver. This could lead to a condition where a man-in-the-middle attacker could masquerade as a trusted server by...

8.1CVSS7.2AI score0.0291EPSS
Exploits0References2
CVE
CVE
added 2018/08/30 1:0 p.m.122 views

CVE-2018-10936

CVE-2018-10936 affects the PostgreSQL JDBC driver prior to 42.2.5. If an SSL Factory is provided and no host name verifier is configured, the driver might skip host name verification, enabling a MITM attacker to impersonate a trusted server with a CA-signed certificate. The risk is constrained to...

8.1CVSS7.6AI score0.0291EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2018/08/30 1:0 p.m.25 views

CVE-2018-10936

A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a host name verifier was not provided to the driver. This could lead to a condition where a man-in-the-middle attacker could masquerade as a trusted server by...

8.1CVSS7.8AI score0.0291EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2018/08/30 1:49 a.m.28 views

CVE-2018-10936

A weakness was found in postgresql-jdbc. It was possible to provide an SSL Factory and not check the host name if a host name verifier was not provided to the driver. This could lead to a condition where a man-in-the-middle attacker could masquerade as a trusted server by providing a certificate...

8.1CVSS1.6AI score0.0291EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2012/10/06 12:0 a.m.3 views

PT-2012-3386 · Postgresql · Postgresql Jdbc Driver

Name of the Vulnerable Software and Affected Versions: PostgreSQL JDBC driver versions prior to 8.2 Description: The issue arises from an interaction error in the PostgreSQL JDBC driver when used with a PostgreSQL server that has the "standard conforming strings" option enabled. This error allows...

7.5CVSS7.2AI score0.02942EPSS
Exploits1References15
RedHat Linux
RedHat Linux
added 2008/07/02 1:15 p.m.65 views

Moderate: Red Hat Security Advisory: Red Hat Application Stack v2.1 security and enhancement update

Red Hat Application Stack v2.1 is now available. This update fixes various security issues and adds several enhancements. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Red Hat Application Stack is an integrated open source application...

10CVSS7.2AI score0.10918EPSS
Exploits7References10
Rows per page
Query Builder