Several security vulnerabilities have been found in libpgjava, the official PostgreSQL JDBC Driver. CVE-2020-13692 An XML External Entity weakness was found in PostgreSQL JDBC. CVE-2022-21724 The JDBC driver did not verify if certain classes implemented the expected interface before instantiating the class. This can lead to code execution loaded via arbitrary classes. CVE-2022-26520 An attacker can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties.