pkg:maven/org.postgresql/postgresql

Type maven

Namespace org.postgresql

Name postgresql

Known advisories, vulnerabilities and fixes for org.postgresql/postgresql package.

Repository: https://mvnrepository.com/artifact/org.postgresql/postgresql

Critical 2

High 4

Moderate 2

Low 1

Type	Version	Distribution	# CVEs	# Advisory ID	Title	Severity	Published
Affected	>= 42.7.0, < 42.7.2 >= 42.6.0, < 42.6.1 >= 42.5.0, < 42.5.5 >= 42.4.0, < 42.4.4 >= 42.3.0, < 42.3.9 < 42.2.28		CVE-2024-1597	MAVEN:GHSA-24RP-Q3W6-VC56	org.postgresql:postgresql vulnerable to SQL Injection via line comment generation	critical	2024-02-21T23:33:43 (6 months ago)
Fixed	= 42.7.2 = 42.6.1 = 42.5.5 = 42.4.4 = 42.3.9 = 42.2.28		CVE-2024-1597	MAVEN:GHSA-24RP-Q3W6-VC56	org.postgresql:postgresql vulnerable to SQL Injection via line comment generation	critical	2024-02-21T23:33:43 (6 months ago)
Affected	>= 42.3.0, < 42.3.8 >= 42.5.0, < 42.5.1 >= 42.4.0, < 42.4.3 >= 42.2.0, < 42.2.27		CVE-2022-41946	MAVEN:GHSA-562R-VG33-8X8H	TemporaryFolder on unix-like systems does not limit access to created files	moderate	2022-11-23T22:17:25 (22 months ago)
Fixed	= 42.3.8 = 42.5.1 = 42.4.3 = 42.2.27		CVE-2022-41946	MAVEN:GHSA-562R-VG33-8X8H	TemporaryFolder on unix-like systems does not limit access to created files	moderate	2022-11-23T22:17:25 (22 months ago)
Affected	>= 42.1.0, < 42.3.3			MAVEN:GHSA-673J-QM5F-XPV8	pgjdbc Arbitrary File Write Vulnerability	moderate	2022-02-16T00:08:18 (2 years ago)
Fixed	= 42.3.3			MAVEN:GHSA-673J-QM5F-XPV8	pgjdbc Arbitrary File Write Vulnerability	moderate	2022-02-16T00:08:18 (2 years ago)
Affected	>= 42.1.0, < 42.3.3		CVE-2022-26520	MAVEN:GHSA-727H-HRW8-JG8Q	Path traversal in org.postgresql:postgresql	low	2022-03-11T00:02:02 (2 years ago)
Fixed	= 42.3.3		CVE-2022-26520	MAVEN:GHSA-727H-HRW8-JG8Q	Path traversal in org.postgresql:postgresql	low	2022-03-11T00:02:02 (2 years ago)
Affected	< 42.2.13		CVE-2020-13692	MAVEN:GHSA-88CC-G835-76RP	Improper Restriction of XML External Entity Reference	high	2022-02-10T00:30:07 (2 years ago)
Fixed	= 42.2.13		CVE-2020-13692	MAVEN:GHSA-88CC-G835-76RP	Improper Restriction of XML External Entity Reference	high	2022-02-10T00:30:07 (2 years ago)
Affected	< 8.2		CVE-2012-1618	MAVEN:GHSA-H86W-M5RM-XR33	Unescaped parameters in the PostgreSQL JDBC driver	high	2022-05-17T05:20:42 (2 years ago)
Fixed	= 8.2		CVE-2012-1618	MAVEN:GHSA-H86W-M5RM-XR33	Unescaped parameters in the PostgreSQL JDBC driver	high	2022-05-17T05:20:42 (2 years ago)
Affected	>= 42.3.0, < 42.3.7 >= 42.4.0, < 42.4.1 < 42.2.26		CVE-2022-31197	MAVEN:GHSA-R38F-C4H4-HQQ2	PostgreSQL JDBC Driver SQL Injection in ResultSet.refreshRow() with malicious column names	high	2022-08-06T05:51:38 (2 years ago)
Fixed	= 42.3.7 = 42.4.1 = 42.2.26		CVE-2022-31197	MAVEN:GHSA-R38F-C4H4-HQQ2	PostgreSQL JDBC Driver SQL Injection in ResultSet.refreshRow() with malicious column names	high	2022-08-06T05:51:38 (2 years ago)
Affected	>= 42.3.0, < 42.3.2 >= 9.4.1208, < 42.2.25		CVE-2022-21724	MAVEN:GHSA-V7WG-CPWC-24M4	pgjdbc Does Not Check Class Instantiation when providing Plugin Classes	high	2022-02-02T00:04:20 (2 years ago)
Fixed	= 42.3.2 = 42.2.25		CVE-2022-21724	MAVEN:GHSA-V7WG-CPWC-24M4	pgjdbc Does Not Check Class Instantiation when providing Plugin Classes	high	2022-02-02T00:04:20 (2 years ago)
Affected	< 42.2.8 >= 42.3.0, < 42.3.9 >= 42.4.0, < 42.4.4 >= 42.5.0, < 42.5.5 >= 42.6.0, < 42.6.1 >= 42.7.0, < 42.7.2			MAVEN:GHSA-XFG6-62PX-CXC2	Duplicate Advisory: SQL injection in pgjdbc	critical	2024-02-19T15:30:38 (7 months ago)
Fixed	= 42.2.8 = 42.3.9 = 42.4.4 = 42.5.5 = 42.6.1 = 42.7.2			MAVEN:GHSA-XFG6-62PX-CXC2	Duplicate Advisory: SQL injection in pgjdbc	critical	2024-02-19T15:30:38 (7 months ago)