Veracode Vulnerability Database | VERACODE:1464
History: Feb 11, 2015 - 3:08 a.m.

SQL Injection

2015-02-11 03:08:44
sca.analysiscenter.veracode.com
7

EPSS: 0.006 (Percentile: 79.0%)

Interaction error in the PostgreSQL JDBC driver before 8.2, when used with a PostgreSQL server with the ‘standard_conforming_strings’ option enabled, such as the default configuration of PostgreSQL 9.1 (this option is also supported as non-default since 8.2), does not properly escape unspecified JDBC statement parameters, which allows remote attackers to perform SQL injection attacks. NOTE: as of 20120330, it was claimed that the upstream developer planned to dispute this issue, but an official dispute has not been posted as of 20121005.
