CVE-2025-22248 [pgpool] Unauthenticated access to postgres through pgpool

The bitnami/pgpool Docker image, and the bitnami/postgres-ha k8s chart, under default configurations, comes with an 'repmgr' user that allows unauthenticated access to the database inside the cluster. The PGPOOLSRCHECKUSER is the user that Pgpool itself uses to perform streaming replication check...

CVE-2025-22248 [pgpool] Unauthenticated access to postgres through pgpool

The bitnami/pgpool Docker image, and the bitnami/postgres-ha k8s chart, under default configurations, comes with an 'repmgr' user that allows unauthenticated access to the database inside the cluster. The PGPOOLSRCHECKUSER is the user that Pgpool itself uses to perform streaming replication check...

BIT-PGPOOL-2025-22248

The PgPool II component into a Bitnami Pgpool II container image comes by default configured with an 'repmgr' user that allows unauthenticated access to the database inside the cluster. This can be addressed by mounting and overwriting the Pgpool configuration file directly. If PgPool is exposed...

PT-2025-20882 · Undefined · Undefined

2025-05-13 19:01:23.477089 UTC +09:00 1. CVE-2025-41645 CERTVDE SMA: Sunny Portal demo system privilege escalation An unauthenticated remote attacker could use a demo account of the portal to hijack devices that were created in that account by mistake. https://vulners.com/cve/CVE-2025-41645...

PT-2025-20841 · Bitnami +2 · Bitnami/Postgres-Ha +3

Name of the Vulnerable Software and Affected Versions: bitnami/pgpool affected versions not specified bitnami/postgres-ha affected versions not specified Description: The bitnami/pgpool Docker image and the bitnami/postgres-ha k8s chart, under default configurations, come with a repmgr user that...

Linux Distros Unpatched Vulnerability : CVE-2024-45624

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exposure of sensitive information due to incompatible policies issue exists in Pgpool-II. If a database user accesses a query cache, table data unauthorized for...

DLA-3993-1 pgpool2 - security update

Bulletin has no description...

CVE-2024-45624

Exposure of sensitive information due to incompatible policies issue exists in Pgpool-II. If a database user accesses a query cache, table data unauthorized for the user may be retrieved...

ALPINE-CVE-2024-45624

Exposure of sensitive information due to incompatible policies issue exists in Pgpool-II. If a database user accesses a query cache, table data unauthorized for the user may be retrieved...

CVE-2024-45624

Exposure of sensitive information due to incompatible policies issue exists in Pgpool-II. If a database user accesses a query cache, table data unauthorized for the user may be retrieved...

DEBIAN-CVE-2024-45624

Exposure of sensitive information due to incompatible policies issue exists in Pgpool-II. If a database user accesses a query cache, table data unauthorized for the user may be retrieved...

UBUNTU-CVE-2024-45624

Exposure of sensitive information due to incompatible policies issue exists in Pgpool-II. If a database user accesses a query cache, table data unauthorized for the user may be retrieved...

CVE-2024-45624

CVE-2024-45624 affects pgpool-II, where the query cache can expose table data unauthorized to the querying user due to incompatible policies. Public sources in connected documents confirm the issue in pgpool-II and its impact of potential data exposure (CVE-2024-45624) with CVSS-inferred high imp...

CVE-2024-45624

Exposure of sensitive information due to incompatible policies issue exists in Pgpool-II. If a database user accesses a query cache, table data unauthorized for the user may be retrieved...

CVE-2024-45624

Exposure of sensitive information due to incompatible policies issue exists in Pgpool-II. If a database user accesses a query cache, table data unauthorized for the user may be retrieved...

CVE-2024-45624

Exposure of sensitive information due to incompatible policies issue exists in Pgpool-II. If a database user accesses a query cache, table data unauthorized for the user may be retrieved...

Pgpool-II vulnerable to information disclosure

Overview Pgpool-II is a cluster management tool. Pgpool-II contains an information disclosure vulnerability CWE-213 in its query cache function. PgPool Global Development Group reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and PgPool Global Development...

Pgpool-II 安全漏洞

Pgpool-II is an open source cluster management tool from PgPool Global Development Group. A security vulnerability exists in Pgpool-II that stems from an information disclosure vulnerability contained in the query caching feature...

PT-2024-31713 · Pgpool-Ii +2 · Pgpool-Ii +2

Name of the Vulnerable Software and Affected Versions: Pgpool-II versions up to 4.5.3 Description: Exposure of sensitive information due to incompatible policies issue exists in Pgpool-II. If a database user accesses a query cache, table data unauthorized for the user may be retrieved...

JVN#67456481: Pgpool-II vulnerable to information disclosure

Pgpool-II is a cluster management tool. Pgpool-II contains an information disclosure vulnerability CWE-213 in its query cache function. Impact If a database user access a query cache, table data unauthorized for the user may be retrieved. Solution Update the Software Apply the appropriate updates...