2 matches found
CVE-2022-41946
Summary (CVE-2022-41946) pgjdbc (PostgreSQL JDBC Driver) is affected where a prepared statement using Either setText(int, InputStream) or setBytea(int, InputStream) creates a temporary file when the InputStream exceeds ~2 KB. The created temp file in the system temp directory can be readable by o...
CVE-2026-42198
CVE-2026-42198 affects the pgjdbc PostgreSQL JDBC driver in versions 42.2.0 through before 42.7.11. The vulnerability is a client-side denial of service during SCRAM-SHA-256 authentication: a malicious server can force SCRAM with an extremely high iteration count, causing the client to spend unbo...