DSA-5196-1 libpgjava -- libpgjavaID: oval:org.secpod.oval:def:86606 | Date: (C)2023-01-06 (M)2024-04-17 |
Class: PATCH | Family: unix |
Several security vulnerabilities have been found in libpgjava, the official PostgreSQL JDBC Driver. CVE-2020-13692 An XML External Entity weakness was found in PostgreSQL JDBC. CVE-2022-21724 The JDBC driver did not verify if certain classes implemented the expected interface before instantiating the class. This can lead to code execution loaded via arbitrary classes. CVE-2022-26520 An attacker can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties.
Platform: |
Linux Mint 4 |
Linux Mint 5 |
Product: |
libpostgresql-jdbc-java |