3 matches found
postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions
A flaw was found in org.postgresql. This issue allows the creation of a temporary file when using PreparedStatement.setTextint, InputStream and PreparedStatemet.setByteaint, InputStream. This could allow a user to create an unexpected file available to all users, which could end in unexpected...
The vulnerability in the implementation of PreparedStatement.setText() or PreparedStatement.setBytea() methods of the JDBC driver (PgJDBC) for connecting Java programs to PostgreSQL allows a hacker to exploit the protected information.
The vulnerability in the implementation of PreparedStatement.setText or PreparedStatement.setBytea methods of the PgJDBC driver for connecting Java programs to PostgreSQL lies in the use of insecure temporary files. Exploiting this vulnerability could allow an attacker to disclose sensitive...
PT-2022-5790 · Pgjdbc +8 · Pgjdbc +8
Name of the Vulnerable Software and Affected Versions: pgjdbc versions prior to 4.5.0 Description: The issue is related to the implementation of the PreparedStatement.setText or PreparedStatement.setBytea methods in the PgJDBC driver, which can lead to the creation of temporary files that are...