apk package
wolfi/mariadb-10.6-test
pkg:apk/wolfi/mariadb-10.6-test
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-1597 | — | < 10.6.17-r0 | 10.6.17-r0 | Feb 19, 2024 | pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeh | ||
| CVE-2022-47015 | — | < 0 | 0 | Jan 20, 2023 | MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer. | ||
| CVE-2022-31197 | — | < 10.6.18-r2 | 10.6.18-r2 | Aug 3, 2022 | PostgreSQL JDBC Driver (PgJDBC for short) allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. The PGJDBC implementation of the `java.sql.ResultRow.refreshRow()` method is not performing escaping of column names so a malicious c | ||
| CVE-2022-21724 | — | < 10.6.18-r2 | 10.6.18-r2 | Feb 2, 2022 | pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin |
- CVE-2024-1597Feb 19, 2024affected < 10.6.17-r0fixed 10.6.17-r0
pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeh
- CVE-2022-47015Jan 20, 2023affected < 0fixed 0
MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer.
- CVE-2022-31197Aug 3, 2022affected < 10.6.18-r2fixed 10.6.18-r2
PostgreSQL JDBC Driver (PgJDBC for short) allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. The PGJDBC implementation of the `java.sql.ResultRow.refreshRow()` method is not performing escaping of column names so a malicious c
- CVE-2022-21724Feb 2, 2022affected < 10.6.18-r2fixed 10.6.18-r2
pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin