pkg:Debian/libpgjava

All known vulnerabilities

• CRITICAL10.0CVE-2024-1597org.postgresql:postgresql vulnerable to SQL Injection via line comment generation
  from 0, < 42.2.15-1+deb11u2
• CRITICAL10.0CVE-2024-1597org.postgresql:postgresql vulnerable to SQL Injection via line comment generation
  from 0, < 42.2.5-2+deb10u4
• CRITICAL9.8CVE-2022-26520Path traversal in org.postgresql:postgresql
  from 0, < 42.2.15-1+deb11u1
• HIGH8.2CVE-2025-49146pgjdbc Client Allows Fallback to Insecure Authentication Despite channelBinding=require Configuration
  from 0, < 42.7.7-1
• HIGH8.1CVE-2018-10936Moderate severity vulnerability that affects org.postgresql:pgjdbc-aggregate
  from 0, < 42.2.5-1
• HIGH7.7CVE-2020-13692Improper Restriction of XML External Entity Reference
  from 0, < 42.2.12-2
• HIGH7.5CVE-2026-42198pgjdbc: Unbounded PBKDF2 iterations in SCRAM authentication allows CPU exhaustion DoS
  from 0
• HIGH7.1CVE-2022-31197PostgreSQL JDBC Driver SQL Injection in ResultSet.refreshRow() with malicious column names
  from 0, < 42.2.5-2+deb10u2
• HIGH7.1CVE-2022-31197PostgreSQL JDBC Driver SQL Injection in ResultSet.refreshRow() with malicious column names
  from 0, < 42.2.15-1+deb11u2
• HIGH7.1CVE-2022-31197PostgreSQL JDBC Driver SQL Injection in ResultSet.refreshRow() with malicious column names
  from 0, < 42.2.15-1+deb11u2
• HIGH7.0CVE-2022-21724pgjdbc Does Not Check Class Instantiation when providing Plugin Classes
  from 0, < 42.2.5-2+deb10u1
• HIGH7.0CVE-2022-21724pgjdbc Does Not Check Class Instantiation when providing Plugin Classes
  from 0, < 42.2.15-1+deb11u1
• HIGH7.0CVE-2022-21724pgjdbc Does Not Check Class Instantiation when providing Plugin Classes
  from 0, < 9.4.1212-1+deb9u1
• MEDIUM4.7CVE-2022-41946TemporaryFolder on unix-like systems does not limit access to created files in pgjdbc
  from 0, < 42.2.5-2+deb10u3
• MEDIUM4.7CVE-2022-41946TemporaryFolder on unix-like systems does not limit access to created files in pgjdbc
  from 0, < 42.2.15-1+deb11u2