CLSA-2025-1762243790 postgresql-jdbc: Fix of CVE-2024-1597

update to 42.2.28 - CVE-2024-1597: fix SQL injection in PostgreSQL JDBC simple query mode...

Vitess 安全漏洞

Vitess is a database clustering system for horizontally scaling MySQL from Vitess. A security vulnerability exists in Vitess versions prior to 19.0.4, prior to 18.0.5, and prior to 17.0.7, which stems from a simple query that causes unlimited memory consumption when executed...

GHSA-24RP-Q3W6-VC56 org.postgresql:postgresql vulnerable to SQL Injection via line comment generation

Impact SQL injection is possible when using the non-default connection property preferQueryMode=simple in combination with application code that has a vulnerable SQL that negates a parameter value. There is no vulnerability in the driver when using the default query mode. Users that do not overri...

postgresql:simple_query_fuzzer: Crash with empty stacktrace

Detailed Report: https://oss-fuzz.com/testcase?key=4884251691188224 Project: postgresql Fuzzing Engine: libFuzzer Fuzz Target: simplequeryfuzzer Job Type: libfuzzerasanpostgresql Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x000000010000 Crash State: NULL Sanitizer: address ASAN...