Advisory ROSA-SA-2026-3116

software: pgbouncer 1.25.1 OS: ROSA-CHROME unaffected versions = pgbouncer-1.25.1-1 affected versions pgbouncer-1.25.1-1 CVE-ID: CVE-2025-12819 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Arbitrary SQL execution vulnerability in PgBouncer in authquery handler: an unauthenticated attacker could execute...

CVE-2025-12819

Untrusted search path in authquery connection handler in PgBouncer before 1.25.1 allows an unauthenticated attacker to execute arbitrary SQL during authentication via a malicious searchpath parameter in the StartupMessage. Mitigation Mitigation for this issue is either not available or the...

Untrusted search path in auth_query connection in PgBouncer

...

CVE-2025-2291

Password can be used past expiry in PgBouncer due to authquery not taking into account Postgres its VALID UNTIL value, which allows an attacker to log in with an already expired password...

DEBIAN-CVE-2025-2291

Password can be used past expiry in PgBouncer due to authquery not taking into account Postgres its VALID UNTIL value, which allows an attacker to log in with an already expired password...

UBUNTU-CVE-2025-2291

Password can be used past expiry in PgBouncer due to authquery not taking into account Postgres its VALID UNTIL value, which allows an attacker to log in with an already expired password...

PgBouncer 安全漏洞

PgBouncer is an open source lightweight connection pool for PostgreSql from the PgBouncer community. A security vulnerability exists in PgBouncer that stems from authquery not taking into account the VALID UNTIL value of Postgres, which could lead to logging in with an expired password...