Postgresql Jdbc Driver Postgresql Jdbc Driver

Do you want an email whenever new security vulnerabilities are reported in Postgresql Jdbc Driver?

By the Year

In 2022 there have been 0 vulnerabilities in Postgresql Jdbc Driver . Postgresql Jdbc Driver did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2022 0 0.00
2021 0 0.00
2020 1 7.70
2019 0 0.00
2018 1 8.10

It may take a day or so for new Postgresql Jdbc Driver vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Postgresql Jdbc Driver Security Vulnerabilities

PostgreSQL JDBC Driver (aka PgJDBC) before 42.2.13

CVE-2020-13692 7.7 - High - June 04, 2020

PostgreSQL JDBC Driver (aka PgJDBC) before 42.2.13 allows XXE.

XXE

A weakness was found in postgresql-jdbc before version 42.2.5

CVE-2018-10936 8.1 - High - August 30, 2018

A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a host name verifier was not provided to the driver. This could lead to a condition where a man-in-the-middle attacker could masquerade as a trusted server by providing a certificate for the wrong host, as long as it was signed by a trusted CA.

Improper Validation of Certificate with Host Mismatch

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Red Hat Virtualization or by PostgreSQL? Click the Watch button to subscribe.

PostgreSQL
Vendor

subscribe