Showing 1 - 9 of 9

CVE-2024-1597

Status Candidate

Overview

pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a string value after the first placeholder; both must be on the same line. By constructing a matching string payload, the attacker can inject SQL to alter the query,bypassing the protections that parameterized queries bring against SQL Injection attacks. Versions before 42.7.2, 42.6.1, 42.5.5, 42.4.4, 42.3.9, and 42.2.28 are affected.

Related Files

Red Hat Security Advisory 2024-5056-03: Posted Aug 7, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-5056-03 - Red Hat Integration Camel K 1.10.7 release and security update is now available.; tags | advisory; systems | linux, redhat; advisories | CVE-2024-1597; SHA-256 | d1c5b890ac6176e955b94d36df3a4661c584c55bb6ecd6eedd074fe15567441a; Download | Favorite | View

Red Hat Security Advisory 2024-4402-03: Posted Jul 9, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-4402-03 - An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.; tags | advisory; systems | linux, redhat; advisories | CVE-2024-1597; SHA-256 | 3b51382e90ad9788491149689dfd6205c274ed1e4577fadbf0d7abb297f44e2c; Download | Favorite | View

Red Hat Security Advisory 2024-4375-03: Posted Jul 9, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-4375-03 - An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.; tags | advisory; systems | linux, redhat; advisories | CVE-2024-1597; SHA-256 | 835affa306efdbf9b5137a5e931f462c1ba53b23ef83b211114e04d5adbb6bf4; Download | Favorite | View

Red Hat Security Advisory 2024-3313-03: Posted May 23, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-3313-03 - An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.; tags | advisory; systems | linux, redhat; advisories | CVE-2024-1597; SHA-256 | d57102c7a47c807ad88351d46d61609b22582731b534d31d6bbd8205bfba702c; Download | Favorite | View

Red Hat Security Advisory 2024-2624-03: Posted May 1, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-2624-03 - Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.2 Telecommunications Update Service.; tags | advisory; systems | linux, redhat; advisories | CVE-2024-1597; SHA-256 | 0edd91ece30ca46711455d5ddead69f637d7335163fabc69c08b4bb207a9a9b4; Download | Favorite | View

Red Hat Security Advisory 2024-1999-03: Posted Apr 24, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1999-03 - An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.; tags | advisory; systems | linux, redhat; advisories | CVE-2024-1597; SHA-256 | e6172a614675de1d5a0e6e1224bb3943e4eb1f85b309f9ca9694904179240619; Download | Favorite | View

Red Hat Security Advisory 2024-1649-03: Posted Apr 3, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1649-03 - An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.; tags | advisory; systems | linux, redhat; advisories | CVE-2024-1597; SHA-256 | 62a0ef3ad5c173528a19e3ebaf0fb9dab23253f7df72c82f913e85a4be46c9ef; Download | Favorite | View

Red Hat Security Advisory 2024-1436-03: Posted Mar 20, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1436-03 - An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 9.; tags | advisory; systems | linux, redhat; advisories | CVE-2024-1597; SHA-256 | 02d0a6672c512139d0bb4d6fc7f2b92b9058b48872bc197b36cefe481a911e7d; Download | Favorite | View

Red Hat Security Advisory 2024-1435-03: Posted Mar 20, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1435-03 - An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 8.; tags | advisory; systems | linux, redhat; advisories | CVE-2024-1597; SHA-256 | a14a7270d47decf25b1a645b77f5160f393fce72817511aefa6f5c77bcbe1a68; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 249 files
indoushka 168 files
Jay Turla 150 files
Ubuntu 89 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Gentoo 25 files
Karn Ganeshen 23 files

File Archives

Systems

AIX (430)
Apple (2,115)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,126)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,592)
HPUX (881)
iOS (390)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,362)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,911)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,882)
UNIX (9,459)
UnixWare (188)
Windows (6,777)
Other

CVE-2024-1597

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems