pkg:maven/org.postgresql/postgresql
Type
maven
Namespace
org.postgresql
Name
postgresql
Known advisories, vulnerabilities and fixes for org.postgresql/postgresql package.
Critical
2
High
4
Moderate
2
Low
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | >= 42.7.0, < 42.7.2 >= 42.6.0, < 42.6.1 >= 42.5.0, < 42.5.5 >= 42.4.0, < 42.4.4 >= 42.3.0, < 42.3.9 < 42.2.28 |
CVE-2024-1597
|
MAVEN:GHSA-24RP-Q3W6-VC56 | org.postgresql:postgresql vulnerable to SQL Injection via line comment generation | critical |
2024-02-21T23:33:43
(6 months ago) |
|
Fixed | = 42.7.2 = 42.6.1 = 42.5.5 = 42.4.4 = 42.3.9 = 42.2.28 |
CVE-2024-1597
|
MAVEN:GHSA-24RP-Q3W6-VC56 | org.postgresql:postgresql vulnerable to SQL Injection via line comment generation | critical |
2024-02-21T23:33:43
(6 months ago) |
|
Affected | >= 42.3.0, < 42.3.8 >= 42.5.0, < 42.5.1 >= 42.4.0, < 42.4.3 >= 42.2.0, < 42.2.27 |
CVE-2022-41946
|
MAVEN:GHSA-562R-VG33-8X8H | TemporaryFolder on unix-like systems does not limit access to created files | moderate |
2022-11-23T22:17:25
(22 months ago) |
|
Fixed | = 42.3.8 = 42.5.1 = 42.4.3 = 42.2.27 |
CVE-2022-41946
|
MAVEN:GHSA-562R-VG33-8X8H | TemporaryFolder on unix-like systems does not limit access to created files | moderate |
2022-11-23T22:17:25
(22 months ago) |
|
Affected | >= 42.1.0, < 42.3.3 | MAVEN:GHSA-673J-QM5F-XPV8 | pgjdbc Arbitrary File Write Vulnerability | moderate |
2022-02-16T00:08:18
(2 years ago) |
||
Fixed | = 42.3.3 | MAVEN:GHSA-673J-QM5F-XPV8 | pgjdbc Arbitrary File Write Vulnerability | moderate |
2022-02-16T00:08:18
(2 years ago) |
||
Affected | >= 42.1.0, < 42.3.3 |
CVE-2022-26520
|
MAVEN:GHSA-727H-HRW8-JG8Q | Path traversal in org.postgresql:postgresql | low |
2022-03-11T00:02:02
(2 years ago) |
|
Fixed | = 42.3.3 |
CVE-2022-26520
|
MAVEN:GHSA-727H-HRW8-JG8Q | Path traversal in org.postgresql:postgresql | low |
2022-03-11T00:02:02
(2 years ago) |
|
Affected | < 42.2.13 |
CVE-2020-13692
|
MAVEN:GHSA-88CC-G835-76RP | Improper Restriction of XML External Entity Reference | high |
2022-02-10T00:30:07
(2 years ago) |
|
Fixed | = 42.2.13 |
CVE-2020-13692
|
MAVEN:GHSA-88CC-G835-76RP | Improper Restriction of XML External Entity Reference | high |
2022-02-10T00:30:07
(2 years ago) |
|
Affected | < 8.2 |
CVE-2012-1618
|
MAVEN:GHSA-H86W-M5RM-XR33 | Unescaped parameters in the PostgreSQL JDBC driver | high |
2022-05-17T05:20:42
(2 years ago) |
|
Fixed | = 8.2 |
CVE-2012-1618
|
MAVEN:GHSA-H86W-M5RM-XR33 | Unescaped parameters in the PostgreSQL JDBC driver | high |
2022-05-17T05:20:42
(2 years ago) |
|
Affected | >= 42.3.0, < 42.3.7 >= 42.4.0, < 42.4.1 < 42.2.26 |
CVE-2022-31197
|
MAVEN:GHSA-R38F-C4H4-HQQ2 | PostgreSQL JDBC Driver SQL Injection in ResultSet.refreshRow() with malicious column names | high |
2022-08-06T05:51:38
(2 years ago) |
|
Fixed | = 42.3.7 = 42.4.1 = 42.2.26 |
CVE-2022-31197
|
MAVEN:GHSA-R38F-C4H4-HQQ2 | PostgreSQL JDBC Driver SQL Injection in ResultSet.refreshRow() with malicious column names | high |
2022-08-06T05:51:38
(2 years ago) |
|
Affected | >= 42.3.0, < 42.3.2 >= 9.4.1208, < 42.2.25 |
CVE-2022-21724
|
MAVEN:GHSA-V7WG-CPWC-24M4 | pgjdbc Does Not Check Class Instantiation when providing Plugin Classes | high |
2022-02-02T00:04:20
(2 years ago) |
|
Fixed | = 42.3.2 = 42.2.25 |
CVE-2022-21724
|
MAVEN:GHSA-V7WG-CPWC-24M4 | pgjdbc Does Not Check Class Instantiation when providing Plugin Classes | high |
2022-02-02T00:04:20
(2 years ago) |
|
Affected | < 42.2.8 >= 42.3.0, < 42.3.9 >= 42.4.0, < 42.4.4 >= 42.5.0, < 42.5.5 >= 42.6.0, < 42.6.1 >= 42.7.0, < 42.7.2 | MAVEN:GHSA-XFG6-62PX-CXC2 | Duplicate Advisory: SQL injection in pgjdbc | critical |
2024-02-19T15:30:38
(7 months ago) |
||
Fixed | = 42.2.8 = 42.3.9 = 42.4.4 = 42.5.5 = 42.6.1 = 42.7.2 | MAVEN:GHSA-XFG6-62PX-CXC2 | Duplicate Advisory: SQL injection in pgjdbc | critical |
2024-02-19T15:30:38
(7 months ago) |