CVE-2022-26520
CVE-2022-26520 affects the PostgreSQL JDBC (PgJDBC) driver prior to 42.3.3. An attacker who controls the JDBC URL or properties can cause java.util.logging.FileHandler to write to arbitrary files via the loggerFile and loggerLevel properties, potentially enabling tasks like placing an executable ...