Showing 1 - 8 of 8

CVE-2024-1597

Status Candidate

Overview

pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a string value after the first placeholder; both must be on the same line. By constructing a matching string payload, the attacker can inject SQL to alter the query,bypassing the protections that parameterized queries bring against SQL Injection attacks. Versions before 42.7.2, 42.6.1, 42.5.5, 42.4.4, 42.3.9, and 42.2.28 are affected.

Related Files

Red Hat Security Advisory 2024-4402-03: Posted Jul 9, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-4402-03 - An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.; tags | advisory; systems | linux, redhat; advisories | CVE-2024-1597; SHA-256 | 3b51382e90ad9788491149689dfd6205c274ed1e4577fadbf0d7abb297f44e2c; Download | Favorite | View

Red Hat Security Advisory 2024-4375-03: Posted Jul 9, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-4375-03 - An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.; tags | advisory; systems | linux, redhat; advisories | CVE-2024-1597; SHA-256 | 835affa306efdbf9b5137a5e931f462c1ba53b23ef83b211114e04d5adbb6bf4; Download | Favorite | View

Red Hat Security Advisory 2024-3313-03: Posted May 23, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-3313-03 - An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.; tags | advisory; systems | linux, redhat; advisories | CVE-2024-1597; SHA-256 | d57102c7a47c807ad88351d46d61609b22582731b534d31d6bbd8205bfba702c; Download | Favorite | View

Red Hat Security Advisory 2024-2624-03: Posted May 1, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-2624-03 - Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.2 Telecommunications Update Service.; tags | advisory; systems | linux, redhat; advisories | CVE-2024-1597; SHA-256 | 0edd91ece30ca46711455d5ddead69f637d7335163fabc69c08b4bb207a9a9b4; Download | Favorite | View

Red Hat Security Advisory 2024-1999-03: Posted Apr 24, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1999-03 - An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.; tags | advisory; systems | linux, redhat; advisories | CVE-2024-1597; SHA-256 | e6172a614675de1d5a0e6e1224bb3943e4eb1f85b309f9ca9694904179240619; Download | Favorite | View

Red Hat Security Advisory 2024-1649-03: Posted Apr 3, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1649-03 - An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.; tags | advisory; systems | linux, redhat; advisories | CVE-2024-1597; SHA-256 | 62a0ef3ad5c173528a19e3ebaf0fb9dab23253f7df72c82f913e85a4be46c9ef; Download | Favorite | View

Red Hat Security Advisory 2024-1436-03: Posted Mar 20, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1436-03 - An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 9.; tags | advisory; systems | linux, redhat; advisories | CVE-2024-1597; SHA-256 | 02d0a6672c512139d0bb4d6fc7f2b92b9058b48872bc197b36cefe481a911e7d; Download | Favorite | View

Red Hat Security Advisory 2024-1435-03: Posted Mar 20, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1435-03 - An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 8.; tags | advisory; systems | linux, redhat; advisories | CVE-2024-1597; SHA-256 | a14a7270d47decf25b1a645b77f5160f393fce72817511aefa6f5c77bcbe1a68; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 277 files
Ubuntu 101 files
indoushka 44 files
Jasper Nota 25 files
Gentoo 20 files
Willem Westerhof 19 files
Jim Blankendaal 11 files
Debian 11 files
Apple 10 files
Martijn Baalman 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,084)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,534)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,580)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,432)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,710)
UNIX (9,432)
UnixWare (187)
Windows (6,668)
Other

CVE-2024-1597

Overview

Related Files

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems