17 matches found
RHEL 7 : postgresql-jdbc (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes CVE-2022-21724 - A weakness...
Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities
Summary IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security...
Security Bulletin: IBM Security Verify Governance is vulnerable to arbitrary code execution, sensitive information exposure and unauthorized access due to PostgreSQL
Summary IBM Security Verify Governance is vulnerable to arbitrary code execution, sensitive information exposure and unauthorized access due to vulnerabilities in PostgreSQL JAR CVE-2022-26520, CVE-2022-21724, CVE-2020-13692, CVE-2022-31197, 220313. The fix involves upgrading the PostgreSQL JAR t...
Security Bulletin: A vulnerability in PostgreSQL JDBC Driver (PgJDBC) affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data (CVE-2022-21724)
Summary A vulnerability in PostgreSQL JDBC Driver PgJDBC affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data CVE-2022-21724. Please see the details below on how to remediate this issue. Vulnerability Details CVEID:CVE-2022-21724 DESCRIPTION: PostgreSQL JDBC Driver PgJDBC could...
Security Bulletin: A security vulnerability has been identified in Postgresql shipped with IBM Tivoli Netcool Impact (CVE-2022-26520, CVE-2022-21724, 220313)
Summary Postgresql is shipped with IBM Tivoli Netcool Impact. Information about a security vulnerability affecting Postgresql has been published in a security bulletin. Vulnerability Details CVEID:CVE-2022-26520 DESCRIPTION: DISPUTED In pgjdbc before 42.3.3, an attacker who controls the jdbc URL ...
Debian DSA-5196-1 : libpgjava - security update
The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5196 advisory. - PostgreSQL JDBC Driver aka PgJDBC before 42.2.13 allows XXE. CVE-2020-13692 - pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in th...
EulerOS 2.0 SP8 : postgresql-jdbc (EulerOS-SA-2022-1946)
According to the versions of the postgresql-jdbc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security...
Debian DLA-3018-1 : libpgjava - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-3018 advisory. - pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the...
Moderate: Red Hat Security Advisory: Red Hat build of Quarkus 2.7.5 release and security update
An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more information...
Vulnerable version of PostgresSQL JDBC driver used - CVE-2022-21724
Affected versions of Atlassian Jira Server and Data Center used versions of the PostgresSQL JDBC driver that were vulnerable to CVE-2022-21724. The affected versions of Atlassian Jira Server and Data Center are before version 8.22.2. Affected versions: version 8.22.2 Fixed versions: 8.22.2 and...
OESA-2022-1535 postgresql-jdbc security update
PostgreSQL JDBC Driver PgJDBC for short allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. Is an open source JDBC driver written in Pure Java Type 4, and communicates in the PostgreSQL native network protocol. Security Fixes: pgjdbc is the...
CVE-2022-21724
pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin instances based o...
CVE-2022-21724 vulnerabilities
Vulnerabilities for packages: mariadb...
CVE-2022-21724 vulnerabilities
Vulnerabilities for packages: mariadb...
CVE-2022-21724
CVE-2022-21724 affects the official PostgreSQL JDBC Driver (libpgjava) used by pgjdbc. The vulnerability stems from the driver instantiating plugin classes based on connection properties (authenticationPluginClassName, sslhostnameverifier, socketFactory, sslfactory, sslpasswordcallback) without v...
CVE-2022-21724
pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin instances based o...
CVE-2022-21724 Unchecked Class Instantiation when providing Plugin Classes
pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin instances based o...