Known Vulnerabilities for products from Pgbouncer
Listed below are 4 of the newest known vulnerabilities associated with the vendor "Pgbouncer".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-3935 | When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when... | 8.1 - HIGH | 2021-11-22 | 2023-11-07 |
| CVE-2021-3672 | A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers... | 5.6 - MEDIUM | 2021-11-23 | 2024-01-05 |
| CVE-2015-6817 | PgBouncer 1.6.x before 1.6.1, when configured with auth_user, allows remote attackers to gain login access as auth_user via a... | 8.1 - HIGH | 2017-05-23 | 2020-11-03 |
| CVE-2015-4054 | PgBouncer before 1.5.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by sending a... | 7.5 - HIGH | 2017-05-23 | 2020-11-03 |
Known software with vulnerabilities from Pgbouncer
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Pgbouncer | Pgbouncer | 1.0 |