Lucene search
K

3 matches found

RedHat Linux
RedHat Linux
added 2023/03/09 10:47 a.m.5 views

postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions

A flaw was found in org.postgresql. This issue allows the creation of a temporary file when using PreparedStatement.setTextint, InputStream and PreparedStatemet.setByteaint, InputStream. This could allow a user to create an unexpected file available to all users, which could end in unexpected...

5.5CVSS6.8AI score0.0048EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2022/12/09 12:0 a.m.6 views

The vulnerability in the implementation of PreparedStatement.setText() or PreparedStatement.setBytea() methods of the JDBC driver (PgJDBC) for connecting Java programs to PostgreSQL allows a hacker to exploit the protected information.

The vulnerability in the implementation of PreparedStatement.setText or PreparedStatement.setBytea methods of the PgJDBC driver for connecting Java programs to PostgreSQL lies in the use of insecure temporary files. Exploiting this vulnerability could allow an attacker to disclose sensitive...

5.5CVSS6.2AI score0.0048EPSS
Exploits1References8Affected Software4
Positive Technologies
Positive Technologies
added 2022/11/23 12:0 a.m.6 views

PT-2022-5790 · Pgjdbc +8 · Pgjdbc +8

Name of the Vulnerable Software and Affected Versions: pgjdbc versions prior to 4.5.0 Description: The issue is related to the implementation of the PreparedStatement.setText or PreparedStatement.setBytea methods in the PgJDBC driver, which can lead to the creation of temporary files that are...

10CVSS6.7AI score0.0481EPSS
Exploits3References74
Rows per page
Query Builder