Astra Linux - уязвимость в libpgjava

pgjdbc, the PostgreSQL JDBC Driver, allows attackers to inject SQL statements if the PreferQueryMode=SIMPLE setting is used. Note that this is not the default setting. In the default mode, there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus sign...

EUVD-2024-0465

Malicious code in bioql PyPI...

VulnCheck KEV: CVE-2024-1597

pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a...

SUSE CVE-2024-32888

The Amazon JDBC Driver for Redshift is a Type 4 JDBC driver that provides database connectivity through the standard JDBC application program interfaces APIs available in the Java Platform, Enterprise Editions. Prior to version 2.1.0.28, SQL injection is possible when using the non-default...

GHSA-X3WM-HFFR-CHWM Amazon JDBC Driver for Redshift SQL Injection via line comment generation

Impact SQL injection is possible when using the non-default connection property preferQueryMode=simple in combination with application code which has a vulnerable SQL that negates a parameter value. There is no vulnerability in the driver when using the default, extended query mode. Note that...

SQLi (SQL Injection) org.postgresql:postgresql Dependency in Jira Software Data Center and Server

This Critical severity org.postgresql:postgresql Dependency vulnerability was introduced in versions 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, 9.6.0, 9.7.0, 9.8.0, 9.9.0, 9.10.0, 9.11.0, 9.12.0, 9.13.0, and 9.14.0 of Jira Software Data Center and Server. Jira Software Data Center is unaffected by...

org.postgresql:postgresql vulnerable to SQL Injection via line comment generation

Impact SQL injection is possible when using the non-default connection property preferQueryMode=simple in combination with application code that has a vulnerable SQL that negates a parameter value. There is no vulnerability in the driver when using the default query mode. Users that do not overri...

CVE-2024-1597 pgjdbc SQL Injection via line comment generation

pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a strin...

PostgreSQL JDBC Driver SQL Injection Vulnerability

PostgreSQL JDBC Driver is an open source JDBC driver written in Pure Java Type 4 for communication in the PostgreSQL native network protocol. A SQL injection vulnerability exists in the PostgreSQL JDBC Driver. An attacker can perform SQL injection in a PreferQueryMode=SIMPLE environment. Affected...