org.postgresql:postgresql vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-42198Highorg.postgresql:postgresql: pgjdbc: Unbounded PBKDF2 iterations in SCRAM authentication allows CPU exhaustion DoSCVE-2025-49146Highorg.postgresql:postgresql: pgjdbc Client Allows Fallback to Insecure Authentication Despite channelBinding=require ConfigurationCVE-2024-1597Criticalorg.postgresql:postgresql: org.postgresql:postgresql vulnerable to SQL Injection via line comment generationCVE-2022-41946Mediumorg.postgresql:postgresql: TemporaryFolder on unix-like systems does not limit access to created filesCVE-2022-31197Highorg.postgresql:postgresql: PostgreSQL JDBC Driver SQL Injection in ResultSet.refreshRow() with malicious column namesCVE-2012-1618Highorg.postgresql:postgresql: Unescaped parameters in the PostgreSQL JDBC driverCVE-2022-26520Loworg.postgresql:postgresql: Path traversal in org.postgresql:postgresqlGHSA-673J-QM5F-XPV8Mediumorg.postgresql:postgresql: pgjdbc Arbitrary File Write VulnerabilityCVE-2020-13692Highorg.postgresql:postgresql: Improper Restriction of XML External Entity ReferenceCVE-2022-21724Highorg.postgresql:postgresql: pgjdbc Does Not Check Class Instantiation when providing Plugin Classes

Stop the waste.
Protect your environment with Kodem.