Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-ba8g-gn36-7bdp

Summary

PostgreSQL JDBC Driver SQL Injection in ResultSet.refreshRow() with malicious column names
### Impact
_What kind of vulnerability is it? Who is impacted?_

The PGJDBC implementation of the `java.sql.ResultRow.refreshRow()` method is not performing escaping of column names so a malicious column name that contains a statement terminator, e.g. `;`, could lead to SQL injection. This could lead to executing additional SQL commands as the application's JDBC user.

User applications that do not invoke the `ResultSet.refreshRow()` method are not impacted.

User application that do invoke that method are impacted if the underlying database that they are querying via their JDBC application may be under the control of an attacker. The attack requires the attacker to trick the user into executing SQL against a table name who's column names would contain the malicious SQL and subsequently invoke the `refreshRow()` method on the ResultSet.

For example:

```sql
CREATE TABLE refresh_row_example (
  id     int PRIMARY KEY,
  "1 FROM refresh_row_example; SELECT pg_sleep(10); SELECT * " int
);
```

This example has a table with two columns. The name of the second column is crafted to contain a statement terminator followed by additional SQL. Invoking the `ResultSet.refreshRow()` on a ResultSet that queried this table, e.g. `SELECT * FROM refresh_row`, would cause the additional SQL commands such as the `SELECT pg_sleep(10)` invocation to be executed.

As the multi statement command would contain multiple results, it would not be possible for the attacker to get data directly out of this approach as the `ResultSet.refreshRow()` method would throw an exception. However, the attacker could execute any arbitrary SQL including inserting the data into another table that could then be read or any other DML / DDL statement.

Note that the application's JDBC user and the schema owner need not be the same. A JDBC application that executes as a privileged user querying database schemas owned by potentially malicious less-privileged users would be vulnerable. In that situation it may be possible for the malicious user to craft a schema that causes the application to execute commands as the privileged user.

### Patches
_Has the problem been patched? What versions should users upgrade to?_

Yes, versions 42.2.26, 42.3.7, and 42.4.1 have been released with a fix.

### Workarounds
_Is there a way for users to fix or remediate the vulnerability without upgrading?_

Check that you are not using the `ResultSet.refreshRow()` method.

If you are, ensure that the code that executes that method does not connect to a database that is controlled by an unauthenticated or malicious user. If your application only connects to its own database with a fixed schema with no DDL permissions, then you will not be affected by this vulnerability as it requires a maliciously crafted schema.

Aliases

alias	CVE-2022-31197

alias	GHSA-r38f-c4h4-hqq2

Fixed_packages

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=x86&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86_64&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86_64&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=x86_64&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armhf&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armhf&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=armhf&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armv7&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armv7&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=armv7&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armhf&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armhf&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=armhf&distroversion=v3.17&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armv7&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armv7&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=armv7&distroversion=v3.17&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=x86&distroversion=v3.17&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86_64&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86_64&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=x86_64&distroversion=v3.17&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86_64&distroversion=v3.16&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86_64&distroversion=v3.16&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=x86_64&distroversion=v3.16&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=aarch64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=aarch64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=aarch64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=s390x&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=s390x&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=s390x&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=x86&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=s390x&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=s390x&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=s390x&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=x86&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=ppc64le&distroversion=edge&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=ppc64le&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=ppc64le&distroversion=edge&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=riscv64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=riscv64&distroversion=edge&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=aarch64&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=aarch64&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=aarch64&distroversion=v3.18&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86_64&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86_64&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=x86_64&distroversion=v3.18&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armhf&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armhf&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=armhf&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armv7&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armv7&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86_64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86_64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=x86_64&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armv7&distroversion=v3.16&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armv7&distroversion=v3.16&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=armv7&distroversion=v3.16&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=aarch64&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=aarch64&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=aarch64&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armhf&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armhf&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=armhf&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armv7&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armv7&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=armv7&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=ppc64le&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=ppc64le&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=ppc64le&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=s390x&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=s390x&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=s390x&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=aarch64&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=aarch64&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=aarch64&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=ppc64le&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=ppc64le&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=riscv64&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=riscv64&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=riscv64&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=s390x&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=s390x&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=s390x&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=x86&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86_64&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86_64&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=x86_64&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=aarch64&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=aarch64&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=aarch64&distroversion=v3.17&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=ppc64le&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=ppc64le&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=ppc64le&distroversion=v3.17&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=s390x&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=s390x&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=s390x&distroversion=v3.17&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=aarch64&distroversion=v3.16&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=aarch64&distroversion=v3.16&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=aarch64&distroversion=v3.16&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armhf&distroversion=v3.16&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armhf&distroversion=v3.16&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=armhf&distroversion=v3.16&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=ppc64le&distroversion=v3.16&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=ppc64le&distroversion=v3.16&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=ppc64le&distroversion=v3.16&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=s390x&distroversion=v3.16&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=s390x&distroversion=v3.16&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=s390x&distroversion=v3.16&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86&distroversion=v3.16&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86&distroversion=v3.16&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=x86&distroversion=v3.16&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armhf&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armhf&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=armhf&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armv7&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armv7&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=armv7&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=loongarch64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=loongarch64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=ppc64le&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=ppc64le&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=ppc64le&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=riscv64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86_64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86_64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=x86_64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=aarch64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=aarch64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=aarch64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armhf&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armhf&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=armhf&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=armv7&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=loongarch64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=loongarch64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=loongarch64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=ppc64le&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=ppc64le&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=riscv64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=riscv64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=riscv64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86_64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86_64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=x86_64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=aarch64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=aarch64&distroversion=edge&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armhf&distroversion=edge&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armhf&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=armhf&distroversion=edge&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armv7&distroversion=edge&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armv7&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=armv7&distroversion=edge&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=loongarch64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=loongarch64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=loongarch64&distroversion=edge&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=s390x&distroversion=edge&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=s390x&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=s390x&distroversion=edge&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=x86&distroversion=edge&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86_64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=x86_64&distroversion=edge&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armhf&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armhf&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=armhf&distroversion=v3.18&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armv7&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=armv7&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=armv7&distroversion=v3.18&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=ppc64le&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=ppc64le&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=ppc64le&distroversion=v3.18&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=s390x&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=s390x&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=s390x&distroversion=v3.18&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=x86&distroversion=v3.18&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=aarch64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=aarch64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=aarch64&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=loongarch64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=loongarch64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=loongarch64&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=ppc64le&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=ppc64le&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=ppc64le&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=riscv64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=riscv64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=riscv64&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=s390x&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=s390x&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=s390x&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0?arch=x86&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/java-postgresql-jdbc@42.4.2-r0%3Farch=x86&distroversion=v3.21&reponame=community

url pkg:deb/debian/libpgjava@42.2.15-1%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libpgjava@42.2.15-1%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hada-xkcc-8fch

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpgjava@42.2.15-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/libpgjava@42.2.15-1%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/libpgjava@42.2.15-1%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpgjava@42.2.15-1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/libpgjava@42.4.1-1?distro=trixie
purl	pkg:deb/debian/libpgjava@42.4.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpgjava@42.4.1-1%3Fdistro=trixie

url pkg:deb/debian/libpgjava@42.5.5-0%2Bdeb12u1

purl pkg:deb/debian/libpgjava@42.5.5-0%2Bdeb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hada-xkcc-8fch

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpgjava@42.5.5-0%252Bdeb12u1

url pkg:deb/debian/libpgjava@42.5.5-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/libpgjava@42.5.5-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hada-xkcc-8fch

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpgjava@42.5.5-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/libpgjava@42.7.7-1?distro=trixie

purl pkg:deb/debian/libpgjava@42.7.7-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hada-xkcc-8fch

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpgjava@42.7.7-1%3Fdistro=trixie

url pkg:deb/debian/libpgjava@42.7.10-1?distro=trixie

purl pkg:deb/debian/libpgjava@42.7.10-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hada-xkcc-8fch

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpgjava@42.7.10-1%3Fdistro=trixie

url	pkg:deb/debian/libpgjava@42.7.11-1?distro=trixie
purl	pkg:deb/debian/libpgjava@42.7.11-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpgjava@42.7.11-1%3Fdistro=trixie

url pkg:maven/org.postgresql/postgresql@42.2.26

purl pkg:maven/org.postgresql/postgresql@42.2.26

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hpc5-vtmd-gub5

vulnerability	VCID-qub7-qp14-uqcg

vulnerability	VCID-uzj4-puvz-zfgh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.postgresql/postgresql@42.2.26

url pkg:maven/org.postgresql/postgresql@42.3.7

purl pkg:maven/org.postgresql/postgresql@42.3.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qub7-qp14-uqcg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.postgresql/postgresql@42.3.7

url pkg:maven/org.postgresql/postgresql@42.4.1

purl pkg:maven/org.postgresql/postgresql@42.4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qub7-qp14-uqcg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.postgresql/postgresql@42.4.1

Affected_packages

url pkg:deb/debian/libpgjava@6.3.2-1

purl pkg:deb/debian/libpgjava@6.3.2-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6r4u-tem9-vkey

vulnerability	VCID-6z5w-j6xv-fffz

vulnerability	VCID-7p16-8nb5-kucz

vulnerability	VCID-ba8g-gn36-7bdp

vulnerability	VCID-hpc5-vtmd-gub5

vulnerability	VCID-qub7-qp14-uqcg

vulnerability	VCID-vdtn-ek54-nqh6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpgjava@6.3.2-1

url pkg:deb/debian/libpgjava@6.3.2-2

purl pkg:deb/debian/libpgjava@6.3.2-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6r4u-tem9-vkey

vulnerability	VCID-6z5w-j6xv-fffz

vulnerability	VCID-7p16-8nb5-kucz

vulnerability	VCID-ba8g-gn36-7bdp

vulnerability	VCID-hpc5-vtmd-gub5

vulnerability	VCID-qub7-qp14-uqcg

vulnerability	VCID-vdtn-ek54-nqh6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpgjava@6.3.2-2

url pkg:deb/debian/libpgjava@6.5.3-2

purl pkg:deb/debian/libpgjava@6.5.3-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6r4u-tem9-vkey

vulnerability	VCID-6z5w-j6xv-fffz

vulnerability	VCID-7p16-8nb5-kucz

vulnerability	VCID-ba8g-gn36-7bdp

vulnerability	VCID-hpc5-vtmd-gub5

vulnerability	VCID-qub7-qp14-uqcg

vulnerability	VCID-vdtn-ek54-nqh6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpgjava@6.5.3-2

url pkg:deb/debian/libpgjava@7.2-1

purl pkg:deb/debian/libpgjava@7.2-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6r4u-tem9-vkey

vulnerability	VCID-6z5w-j6xv-fffz

vulnerability	VCID-7p16-8nb5-kucz

vulnerability	VCID-ba8g-gn36-7bdp

vulnerability	VCID-hpc5-vtmd-gub5

vulnerability	VCID-qub7-qp14-uqcg

vulnerability	VCID-vdtn-ek54-nqh6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpgjava@7.2-1

url pkg:deb/debian/libpgjava@7.4.7-3

purl pkg:deb/debian/libpgjava@7.4.7-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6r4u-tem9-vkey

vulnerability	VCID-6z5w-j6xv-fffz

vulnerability	VCID-7p16-8nb5-kucz

vulnerability	VCID-ba8g-gn36-7bdp

vulnerability	VCID-hpc5-vtmd-gub5

vulnerability	VCID-qub7-qp14-uqcg

vulnerability	VCID-vdtn-ek54-nqh6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpgjava@7.4.7-3

url pkg:deb/debian/libpgjava@8.1-405-1

purl pkg:deb/debian/libpgjava@8.1-405-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6r4u-tem9-vkey

vulnerability	VCID-6z5w-j6xv-fffz

vulnerability	VCID-7p16-8nb5-kucz

vulnerability	VCID-ba8g-gn36-7bdp

vulnerability	VCID-hpc5-vtmd-gub5

vulnerability	VCID-qub7-qp14-uqcg

vulnerability	VCID-vdtn-ek54-nqh6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpgjava@8.1-405-1

url pkg:deb/debian/libpgjava@8.2-504-2

purl pkg:deb/debian/libpgjava@8.2-504-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6r4u-tem9-vkey

vulnerability	VCID-6z5w-j6xv-fffz

vulnerability	VCID-7p16-8nb5-kucz

vulnerability	VCID-ba8g-gn36-7bdp

vulnerability	VCID-hpc5-vtmd-gub5

vulnerability	VCID-qub7-qp14-uqcg

vulnerability	VCID-vdtn-ek54-nqh6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpgjava@8.2-504-2

url pkg:deb/debian/libpgjava@8.4-701-1

purl pkg:deb/debian/libpgjava@8.4-701-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6r4u-tem9-vkey

vulnerability	VCID-6z5w-j6xv-fffz

vulnerability	VCID-7p16-8nb5-kucz

vulnerability	VCID-ba8g-gn36-7bdp

vulnerability	VCID-hpc5-vtmd-gub5

vulnerability	VCID-qub7-qp14-uqcg

vulnerability	VCID-vdtn-ek54-nqh6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpgjava@8.4-701-1

url pkg:deb/debian/libpgjava@9.1-901-2

purl pkg:deb/debian/libpgjava@9.1-901-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6r4u-tem9-vkey

vulnerability	VCID-6z5w-j6xv-fffz

vulnerability	VCID-7p16-8nb5-kucz

vulnerability	VCID-ba8g-gn36-7bdp

vulnerability	VCID-hpc5-vtmd-gub5

vulnerability	VCID-qub7-qp14-uqcg

vulnerability	VCID-vdtn-ek54-nqh6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpgjava@9.1-901-2

url pkg:deb/debian/libpgjava@9.2-1002-1

purl pkg:deb/debian/libpgjava@9.2-1002-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6r4u-tem9-vkey

vulnerability	VCID-6z5w-j6xv-fffz

vulnerability	VCID-7p16-8nb5-kucz

vulnerability	VCID-ba8g-gn36-7bdp

vulnerability	VCID-hpc5-vtmd-gub5

vulnerability	VCID-qub7-qp14-uqcg

vulnerability	VCID-vdtn-ek54-nqh6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpgjava@9.2-1002-1

url pkg:deb/debian/libpgjava@9.4.1212-1

purl pkg:deb/debian/libpgjava@9.4.1212-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6r4u-tem9-vkey

vulnerability	VCID-6z5w-j6xv-fffz

vulnerability	VCID-7p16-8nb5-kucz

vulnerability	VCID-ba8g-gn36-7bdp

vulnerability	VCID-hpc5-vtmd-gub5

vulnerability	VCID-qub7-qp14-uqcg

vulnerability	VCID-vdtn-ek54-nqh6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpgjava@9.4.1212-1

url pkg:deb/debian/libpgjava@42.2.5-2%2Bdeb10u1

purl pkg:deb/debian/libpgjava@42.2.5-2%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6r4u-tem9-vkey

vulnerability	VCID-7p16-8nb5-kucz

vulnerability	VCID-ba8g-gn36-7bdp

vulnerability	VCID-hpc5-vtmd-gub5

vulnerability	VCID-qub7-qp14-uqcg

vulnerability	VCID-vdtn-ek54-nqh6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpgjava@42.2.5-2%252Bdeb10u1

url pkg:deb/debian/libpgjava@42.2.15-1%2Bdeb11u1

purl pkg:deb/debian/libpgjava@42.2.15-1%2Bdeb11u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6r4u-tem9-vkey

vulnerability	VCID-ba8g-gn36-7bdp

vulnerability	VCID-hada-xkcc-8fch

vulnerability	VCID-qub7-qp14-uqcg

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpgjava@42.2.15-1%252Bdeb11u1

url pkg:maven/org.postgresql/postgresql@42.3.0

purl pkg:maven/org.postgresql/postgresql@42.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6r4u-tem9-vkey

vulnerability	VCID-7p16-8nb5-kucz

vulnerability	VCID-ba8g-gn36-7bdp

vulnerability	VCID-hpc5-vtmd-gub5

vulnerability	VCID-qub7-qp14-uqcg

vulnerability	VCID-rwwd-8qgf-f3ac

vulnerability	VCID-uzj4-puvz-zfgh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.postgresql/postgresql@42.3.0

url pkg:maven/org.postgresql/postgresql@42.4.0

purl pkg:maven/org.postgresql/postgresql@42.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6r4u-tem9-vkey

vulnerability	VCID-ba8g-gn36-7bdp

vulnerability	VCID-qub7-qp14-uqcg

vulnerability	VCID-rwwd-8qgf-f3ac

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.postgresql/postgresql@42.4.0

url pkg:rpm/redhat/postgresql-jdbc@42.2.18-6?arch=el9_1

purl pkg:rpm/redhat/postgresql-jdbc@42.2.18-6?arch=el9_1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ba8g-gn36-7bdp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/postgresql-jdbc@42.2.18-6%3Farch=el9_1

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31197.json

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31197.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-31197

reference_id

reference_type

scores

value	0.02768
scoring_system	epss
scoring_elements	0.86117
published_at	2026-05-07T12:55:00Z

value	0.02768
scoring_system	epss
scoring_elements	0.86076
published_at	2026-04-29T12:55:00Z

value	0.02768
scoring_system	epss
scoring_elements	0.86095
published_at	2026-05-05T12:55:00Z

value	0.03307
scoring_system	epss
scoring_elements	0.87332
published_at	2026-05-09T12:55:00Z

value	0.03307
scoring_system	epss
scoring_elements	0.87374
published_at	2026-05-14T12:55:00Z

value	0.03307
scoring_system	epss
scoring_elements	0.8734
published_at	2026-05-12T12:55:00Z

value	0.03307
scoring_system	epss
scoring_elements	0.87326
published_at	2026-05-11T12:55:00Z

value	0.03579
scoring_system	epss
scoring_elements	0.87711
published_at	2026-04-07T12:55:00Z

value	0.03579
scoring_system	epss
scoring_elements	0.87749
published_at	2026-04-11T12:55:00Z

value	0.03579
scoring_system	epss
scoring_elements	0.87738
published_at	2026-04-09T12:55:00Z

value	0.03579
scoring_system	epss
scoring_elements	0.87732
published_at	2026-04-08T12:55:00Z

value	0.03579
scoring_system	epss
scoring_elements	0.87697
published_at	2026-04-02T12:55:00Z

value	0.03579
scoring_system	epss
scoring_elements	0.87709
published_at	2026-04-04T12:55:00Z

value	0.03579
scoring_system	epss
scoring_elements	0.87776
published_at	2026-04-26T12:55:00Z

value	0.03579
scoring_system	epss
scoring_elements	0.8777
published_at	2026-04-24T12:55:00Z

value	0.03579
scoring_system	epss
scoring_elements	0.87753
published_at	2026-04-21T12:55:00Z

value	0.03579
scoring_system	epss
scoring_elements	0.87754
published_at	2026-04-18T12:55:00Z

value	0.03579
scoring_system	epss
scoring_elements	0.87755
published_at	2026-04-16T12:55:00Z

value	0.03579
scoring_system	epss
scoring_elements	0.87741
published_at	2026-04-13T12:55:00Z

value	0.03579
scoring_system	epss
scoring_elements	0.87743
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-31197

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31197
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31197

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/pgjdbc/pgjdbc

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pgjdbc/pgjdbc

reference_url

https://github.com/pgjdbc/pgjdbc/commit/739e599d52ad80f8dcd6efedc6157859b1a9d637

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:42:38Z/

url

https://github.com/pgjdbc/pgjdbc/commit/739e599d52ad80f8dcd6efedc6157859b1a9d637

reference_url

https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:42:38Z/

url

https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2

reference_url

https://lists.debian.org/debian-lts-announce/2022/10/msg00009.html

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:42:38Z/

url

https://lists.debian.org/debian-lts-announce/2022/10/msg00009.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/12/msg00017.html

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2024/12/msg00017.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6WHUADTZBBQLVHO4YG4XCWDGWBT4LRP

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6WHUADTZBBQLVHO4YG4XCWDGWBT4LRP

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTFE6SV33P5YYU2GNTQZQKQRVR3GYE4S

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTFE6SV33P5YYU2GNTQZQKQRVR3GYE4S

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6WHUADTZBBQLVHO4YG4XCWDGWBT4LRP

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6WHUADTZBBQLVHO4YG4XCWDGWBT4LRP

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTFE6SV33P5YYU2GNTQZQKQRVR3GYE4S

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTFE6SV33P5YYU2GNTQZQKQRVR3GYE4S

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-31197

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-31197

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016662
reference_id	1016662
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016662

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2129428
reference_id	2129428
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2129428

reference_url

https://github.com/advisories/GHSA-r38f-c4h4-hqq2

reference_id

GHSA-r38f-c4h4-hqq2

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-r38f-c4h4-hqq2

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6WHUADTZBBQLVHO4YG4XCWDGWBT4LRP/

reference_id

I6WHUADTZBBQLVHO4YG4XCWDGWBT4LRP

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:42:38Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6WHUADTZBBQLVHO4YG4XCWDGWBT4LRP/

reference_url	https://access.redhat.com/errata/RHSA-2022:8652
reference_id	RHSA-2022:8652
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8652

reference_url	https://access.redhat.com/errata/RHSA-2022:9023
reference_id	RHSA-2022:9023
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:9023

reference_url	https://access.redhat.com/errata/RHSA-2023:0318
reference_id	RHSA-2023:0318
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0318

reference_url	https://access.redhat.com/errata/RHSA-2023:1006
reference_id	RHSA-2023:1006
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1006

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTFE6SV33P5YYU2GNTQZQKQRVR3GYE4S/

reference_id

UTFE6SV33P5YYU2GNTQZQKQRVR3GYE4S

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:42:38Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTFE6SV33P5YYU2GNTQZQKQRVR3GYE4S/

Weaknesses

cwe_id	89
name	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
description	The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

Exploits

Severity_range_score 7.0 - 8.9

Exploitability 0.5

Weighted_severity 8.0

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ba8g-gn36-7bdp

Vulnerability Instance