VYPR

libpgjava

by Debian

CVEs (1)

  • CVE-2026-54291Jul 7, 2026
    risk 0.00cvss epss

    pgjdbc is an open source postgresql JDBC Driver. In releases 42.7.4 through 42.7.11, channelBinding=require connections can be silently downgraded from SCRAM-SHA-256-PLUS with channel binding to plain SCRAM-SHA-256 without it, losing the man-in-the-middle protection the setting…