CVE-2018-10936
CVE-2018-10936 affects the PostgreSQL JDBC driver prior to 42.2.5. If an SSL Factory is provided and no host name verifier is configured, the driver might skip host name verification, enabling a MITM attacker to impersonate a trusted server with a CA-signed certificate. The risk is constrained to...