VYPR

rpm package

suse/postgresql-jdbc&distro=SUSE Manager Server Module 4.0

pkg:rpm/suse/postgresql-jdbc&distro=SUSE%20Manager%20Server%20Module%204.0

Vulnerabilities (2)

  • CVE-2020-13692Jun 4, 2020
    affected < 42.2.10-3.3.1fixed 42.2.10-3.3.1

    PostgreSQL JDBC Driver (aka PgJDBC) before 42.2.13 allows XXE.

  • CVE-2018-10936HigAug 30, 2018
    affected < 42.2.10-3.3.1fixed 42.2.10-3.3.1

    A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a host name verifier was not provided to the driver. This could lead to a condition where a man-in-the-middle attacker could masquerade as a tru