4 matches found
CVE-2021-43766
Odyssey passes to server unencrypted bytes from man-in-the-middle When Odyssey is configured to use certificate Common Name for client authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate...
EulerOS 2.0 SP8 : postgresql-10.5 (EulerOS-SA-2023-1346)
According to the versions of the postgresql-10.5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Odyssey passes to server unencrypted bytes from man-in-the-middle When Odyssey is configured to use certificate Common Name for client...
CVE-2021-43766 affecting package postgresql 12.8-1
CVE-2021-43766 affecting package postgresql 12.8-1. An upgraded version of the package is available that resolves this issue...
CVE-2021-43766
CVE-2021-43766 describes an issue where, when Odyssey is configured to use certificate Common Name for client authentication, a man-in-the-middle can inject arbitrary SQL queries on the initial connection, despite SSL certificate verification and encryption. The risk is evidenced by the relation ...