Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:36591
HistoryAug 03, 2022 - 10:36 p.m.

SQL Injection

2022-08-0322:36:24
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
43
postgresql
jdbc driver
sql injection
remote attacker
malicious code

EPSS

0.001

Percentile

47.0%

PostgreSQL JDBC Driver is vulnerable to SQL Injection. The vulnerability exists in java.sql.ResultRow.RefreshRow function because it’s not properly escaping column names which allows a remote attacker to inject and execute malicious sql code into the system.