CVE-2024-1597 – pgjdbc SQL Injection via line comment generation
https://notcve.org/view.php?id=CVE-2024-1597
pgjdbc, the PostgreSQL JDBC Driver, allows an attacker to inject SQL if PreferQueryMode=SIMPLE is used. Note that this is not the default; in the default mode there is no vulnerability. Two conditions must hold: a placeholder for a numeric value must be immediately preceded by a minus, and there must be a second placeholder for a string value after the first placeholder, with both on the same line.
• http://www.openwall.com/lists/oss-security/2024/04/02/6
• https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-24rp-q3w6-vc56
• https://lists.debian.org/debian-lts-announce/2024/05/msg00007.html
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TZQTSMESZD2RJ5XBPSXH3TIQVUW5DIUU
• https://security.netapp.com/advisory/ntap-20240419-0008
• https://www.enterprisedb.com/docs/jdbc_connector/latest/01_jdbc_rel_notes
• https://www.enterprisedb.com/docs/security/assessments/
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-41946 – TemporaryFolder on unix-like systems does not limit access to created files in pgjdbc
https://notcve.org/view.php?id=CVE-2022-41946
pgjdbc is an open source PostgreSQL JDBC Driver. In affected versions, a prepared statement using either `PreparedStatement.setText(int, InputStream)` or `PreparedStatement.setBytea(int, InputStream)` will create a temporary file if the InputStream is larger than 2k. That temporary file is readable by other users on Unix-like systems, but not on macOS. On Unix-like systems, the system's temporary directory is shared between all users on that system, so files and directories written into it are, by default, readable by other users on that same system.
• https://github.com/pgjdbc/pgjdbc/commit/9008dc9aade6dbfe4efafcd6872ebc55f4699cf5
• https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-562r-vg33-8x8h
• https://lists.debian.org/debian-lts-announce/2022/12/msg00003.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/25TY2L3RMVNOC7VAHJEAO7PTT6M6JJAD
• https://security.netapp.com/advisory/ntap-20240329-0003
• https://access.redhat.com/security/cve/CVE-2022-41946
• https://bugzilla.redhat.com/show_bug.cgi?id=2153399
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
• CWE-377: Insecure Temporary File
• CWE-668: Exposure of Resource to Wrong Sphere