Known Vulnerabilities for products from Pgbouncer
Listed below are 4 of the newest known vulnerabilities associated with the vendor "Pgbouncer".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-3935 json | When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when... | 8.1 - HIGH | 2021-11-22 | 2023-11-07 |
| CVE-2021-3672 json | A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers... | 5.6 - MEDIUM | 2021-11-23 | 2024-01-05 |
| CVE-2015-6817 json | PgBouncer 1.6.x before 1.6.1, when configured with auth_user, allows remote attackers to gain login access as auth_user via a... | 8.1 - HIGH | 2017-05-23 | 2020-11-03 |
| CVE-2015-4054 json | PgBouncer before 1.5.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by sending a... | 7.5 - HIGH | 2017-05-23 | 2020-11-03 |
Known software with vulnerabilities from Pgbouncer
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Pgbouncer | Pgbouncer | 1.0 |