org.postgresql:postgresql
Ecosystem:
maven
maven
Package URL:
pkg:maven/org.postgresql:postgresql
Total PRs:
2,941 Dependabot PRs
2,941 Dependabot PRs
Latest PR:
11 days ago
11 days ago
Unique Repositories:
1,213 repositories
1,213 repositories
Unique Repos (30 days):
5 repositories
5 repositories
Security Advisories
pgjdbc Arbitrary File Write Vulnerability
GHSA-673j-qm5f-xpv8
MODERATE
published over 4 years ago
• updated 10 days ago
### Overview
The connection properties for configuring a pgjdbc connection are not meant to be exposed to an unauthenticated attacker. While allowi...
PostgreSQL JDBC Driver SQL Injection in ResultSet.refreshRow() with malicious column names
GHSA-r38f-c4h4-hqq2
CVE-2022-31197
HIGH
published almost 4 years ago
• updated 4 days ago
### Impact
_What kind of vulnerability is it? Who is impacted?_
The PGJDBC implementation of the `java.sql.ResultRow.refreshRow()` method is not p...
TemporaryFolder on unix-like systems does not limit access to created files
GHSA-562r-vg33-8x8h
CVE-2022-41946
MODERATE
published over 3 years ago
• updated 10 days ago
**Vulnerability**
`PreparedStatement.setText(int, InputStream)`
and
`PreparedStatemet.setBytea(int, InputStream)`
will create a temporary file i...
pgjdbc Client Allows Fallback to Insecure Authentication Despite channelBinding=require Configuration
GHSA-hq9p-pm7w-8p54
CVE-2025-49146
HIGH
published about 1 year ago
• updated 16 days ago
### Impact
When the PostgreSQL JDBC driver is configured with channel binding set to `required` (default value is `prefer`), the driver would incor...
pgjdbc Does Not Check Class Instantiation when providing Plugin Classes
GHSA-v7wg-cpwc-24m4
CVE-2022-21724
HIGH
published over 4 years ago
• updated 4 days ago
### Impact
pgjdbc instantiates plugin instances based on class names provided via `authenticationPluginClassName`, `sslhostnameverifier`, `socketF...
Recent PRs (filtered by: Major PRs )
Bump the maven group across 12 directories with 10 updates
AKJUS/YCSB #59
9.4.1212.jre7 → 42.2.28.jre7
Major PR
Open
3 months ago
1 comment
Bump the maven group across 12 directories with 10 updates
ljishen/YCSB #6
9.4.1212.jre7 → 42.2.28.jre7
Major PR
Closed
3 months ago
1 comment
Bump org.postgresql:postgresql from 9.4.1207 to 42.3.9 in /UrnaEletronica
mourats/IFPB #1
9.4.1207 → 42.3.9
Major PR
Open
about 1 year ago
Bump org.postgresql:postgresql from 9.4.1208 to 42.3.9
9.4.1208 → 42.3.9
Major PR
Open
about 1 year ago
Package Details
| Name: | org.postgresql:postgresql |
| Ecosystem: | maven |
| PURL Type: | maven |
| Package URL: | pkg:maven/org.postgresql:postgresql |
| JSON API: | View JSON |
Security Advisories
Package Information
Description:
PostgreSQL JDBC Driver Postgresql
| Repository: | https://github.com/pgjdbc/pgjdbc |
| Homepage: | https://jdbc.postgresql.org |
| Latest Release: |
42.7.6
about 1 year ago |
| Dependent Repos: | 176,054 |
| Dependent Packages: | 3,652 |
| Ranking: | Top 0.0044% by dependent repos Top 0.0184% by dependent pkgs |