1. Home
  2. Vulnerabilities
  3. CVE-2020-13692

CVE-2020-13692

CVSS v3.1 7.7 (High)
77% Progress
CVSS v2.0 6.8 (Medium)
68% Progress
EPSS 1.65 % (88th)
1.65% Progress
Affected Products 5
Advisories 17
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

PostgreSQL JDBC Driver (aka PgJDBC) before 42.2.13 allows XXE.

Weaknesses
CWE-611
Improper Restriction of XML External Entity Reference
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2020-06-04 16:15:12
(4 years ago)
Updated Date
2023-11-07 03:16:47
(10 months ago)

Affected Products

Debian

Fedoraproject

Netapp

Postgresql

Quarkus

Configuration #1

    CPE23 From Up To
  Postgresql Jdbc Driver prior 42.2.13 version cpe:2.3:a:postgresql:postgresql_jdbc_driver < 42.2.13

Configuration #2

    CPE23 From Up To
  Quarkus 1.5.2 and prior versions cpe:2.3:a:quarkus:quarkus <= 1.5.2

Configuration #3

    CPE23 From Up To
  Netapp Steelstore Cloud Integrated Storage cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-

Configuration #4

    CPE23 From Up To
  Fedoraproject Fedora 32 cpe:2.3:o:fedoraproject:fedora:32

Configuration #5

    CPE23 From Up To
  Debian Linux 10.0 cpe:2.3:o:debian:debian_linux:10.0
  Debian Linux 11.0 cpe:2.3:o:debian:debian_linux:11.0