FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-19 19:12:13 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
aeb4c85b-3600-11ed-b52d-589cfc007716	puppetdb -- Potential SQL injection Puppet reports: The org.postgresql/postgresql driver has been updated to version 42.4.1 to address CVE-2022-31197, which is an SQL injection risk that according to the CVE report, can only be exploited if an attacker controls the database to the extent that they can adjust relevant tables to have "malicious" column names. Discovery 2022-08-03 Entry 2022-09-16 puppetdb6 < 6.22.1 puppetdb7 < 7.11.1 CVE-2022-31197 https://nvd.nist.gov/vuln/detail/CVE-2022-31197 https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2

VuXML ID

Description

aeb4c85b-3600-11ed-b52d-589cfc007716

puppetdb -- Potential SQL injection

Puppet reports:

The org.postgresql/postgresql driver has been updated to version 42.4.1 to address CVE-2022-31197, which is an SQL injection risk that according to the CVE report, can only be exploited if an attacker controls the database to the extent that they can adjust relevant tables to have "malicious" column names.

Discovery 2022-08-03
Entry 2022-09-16
puppetdb6

< 6.22.1

puppetdb7

< 7.11.1

CVE-2022-31197
https://nvd.nist.gov/vuln/detail/CVE-2022-31197
https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2