Uploaded image for project: 'FOLIO'
  1. FOLIO
  2. FOLIO-3458

spring-module-core: postgresql Remote Code Execution (CVE-2022-21724)

    XMLWordPrintable

Details

    • None
    • TBD

    Description

      https://github.com/folio-org/spring-module-core uses org.postgresql:postgresql@42.2.23 JDBC driver: https://github.com/folio-org/spring-module-core/blob/main/domain/pom.xml#L49-L52

      org.postgresql:postgresql version before 42.2.25 and before 42.3.2 are vulnerable to Remote Code Execution (RCE) when using certain plugin features: https://nvd.nist.gov/vuln/detail/CVE-2022-21724

      TestRail: Results

        Attachments

          Issue Links

            Activity

              People

                wwelling William Welling
                julianladisch Julian Ladisch
                Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  TestRail: Runs

                    TestRail: Cases