A flaw was found in PostgreSQL JDBC in versions prior to 42.2.13. An XML External Entity (XXE) weakness was found in PostgreSQL JDBC. The highest threat from this vulnerability is to data confidentiality and system availability.
Platform | Package | Release Date | Advisory |
---|---|---|---|
Amazon Linux 1 | postgresql-jdbc | 2021-09-02 22:54 | ALAS-2021-1533 |
Amazon Linux 2 - Core | postgresql-jdbc | 2020-09-01 00:40 | ALAS2-2020-1482 |
Score Type | Score | Vector | |
---|---|---|---|
Amazon Linux | CVSSv3 | 7.7 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H |
NVD | CVSSv2 | 6.8 | AV:N/AC:M/Au:N/C:P/I:P/A:P |
NVD | CVSSv3 | 7.7 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H |