2 matches found
RHEL 8 : postgresql-jdbc (RHSA-2024:1435)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1435 advisory. PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs ...
GHSA-24RP-Q3W6-VC56 org.postgresql:postgresql vulnerable to SQL Injection via line comment generation
Impact SQL injection is possible when using the non-default connection property preferQueryMode=simple in combination with application code that has a vulnerable SQL that negates a parameter value. There is no vulnerability in the driver when using the default query mode. Users that do not overri...