GHSA-88cc-g835-76rp
Suggest an improvement- Source
- https://github.com/advisories/GHSA-88cc-g835-76rp
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-88cc-g835-76rp/GHSA-88cc-g835-76rp.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-88cc-g835-76rp
- Aliases
- Related
- Published
- 2022-02-10T00:30:07Z
- Modified
- 2024-05-15T07:01:17.956097Z
- Severity
-
- 7.7 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H CVSS Calculator
- Summary
- Improper Restriction of XML External Entity Reference
- Details
-
PostgreSQL JDBC Driver (aka PgJDBC) before 42.2.13 allows XXE.
- Database specific
{ "cwe_ids": [ "CWE-611" ], "nvd_published_at": "2020-06-04T16:15:00Z", "github_reviewed": true, "severity": "HIGH", "github_reviewed_at": "2021-04-14T21:31:45Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2020-13692
- https://github.com/pgjdbc/pgjdbc/commit/14b62aca4764d496813f55a43d050b017e01eb65
- https://jdbc.postgresql.org/documentation/changelog.html#version_42.2.13
- https://lists.apache.org/thread.html/r00bcc6b2da972e0d6332a4ebc7807e17305d8b8e7fb2ae63d2a3cbfb@%3Ccommits.camel.apache.org%3E
- https://lists.apache.org/thread.html/r01ae1b3d981cf2e563e9b5b0a6ea54fb3cac8e9a0512ee5269e3420e@%3Ccommits.camel.apache.org%3E
- https://lists.apache.org/thread.html/r0478a1aa9ae0dbd79d8f7b38d0d93fa933ac232e2b430b6f31a103c0@%3Ccommits.camel.apache.org%3E
- https://lists.apache.org/thread.html/r1aae77706aab7d89b4fe19be468fc3c73e9cc84ff79cc2c3bd07c05a@%3Ccommits.camel.apache.org%3E
- https://lists.apache.org/thread.html/r4bdea189c9991aae7a929d28f575ec46e49ed3d68fa5235825f38a4f@%3Cnotifications.netbeans.apache.org%3E
- https://lists.apache.org/thread.html/r631f967db6260d6178740a3314a35d9421facd8212e62320275fa78e@%3Ccommits.camel.apache.org%3E
- https://lists.apache.org/thread.html/r7f6d019839df17646ffd0046a99146cacf40492a6c92078f65fd32e0@%3Ccommits.camel.apache.org%3E
- https://lists.apache.org/thread.html/rb89f92aba44f524d5c270e0c44ca7aec4704691c37fe106cf73ec977@%3Cnotifications.netbeans.apache.org%3E
- https://lists.apache.org/thread.html/rfe363bf3a46d440ad57fd05c0e313025c7218364bbdc5fd8622ea7ae@%3Ccommits.camel.apache.org%3E
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCCAPM6FSNOC272DLSNQ6YHXS3OMHGJC
- https://security.netapp.com/advisory/ntap-20200619-0005
- https://www.debian.org/security/2022/dsa-5196
Affected packages
Maven / org.postgresql:postgresql
Package
- Name
- org.postgresql:postgresql
- View open source insights on deps.dev
- Purl
- pkg:maven/org.postgresql/postgresql
Affected versions
9.*
9.4.1212.jre6
9.4.1212.jre7
42.*
42.0.0
42.0.0.jre6
42.0.0.jre7
42.1.0
42.1.0.jre7
42.1.1
42.1.1.jre6
42.1.1.jre7
42.1.2
42.1.2.jre6
42.1.2.jre7
42.1.3
42.1.3.jre6
42.1.3.jre7
42.1.4
42.1.4.jre6
42.1.4.jre7
42.2.0
42.2.0.jre6
42.2.0.jre7
42.2.1
42.2.1.jre6
42.2.1.jre7
42.2.2
42.2.2.jre6
42.2.2.jre7
42.2.3
42.2.3.jre6
42.2.3.jre7
42.2.4
42.2.4.jre6
42.2.4.jre7
42.2.5
42.2.5.jre6
42.2.5.jre7
42.2.6
42.2.6.jre6
42.2.6.jre7
42.2.7
42.2.7.jre6
42.2.7.jre7
42.2.8
42.2.8.jre6
42.2.8.jre7
42.2.9
42.2.9.jre6
42.2.9.jre7
42.2.10
42.2.10.jre6
42.2.10.jre7
42.2.11
42.2.11.jre6
42.2.11.jre7
42.2.12
42.2.12.jre6
42.2.12.jre7