Опубликовано: 23 мая 2017
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.8
CVSS3: 8.1
Описание
PgBouncer 1.6.x before 1.6.1, when configured with auth_user, allows remote attackers to gain login access as auth_user via an unknown username.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | pre 1.6 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [pre 1.6]] |
| precise | not-affected | pre 1.6 |
| trusty | not-affected | pre 1.6 |
| trusty/esm | DNE | trusty was not-affected [pre 1.6] |
| upstream | released | 1.6.1-1 |
| vivid | not-affected | pre 1.6 |
Показывать по
10
EPSS
Процентиль: 80%
0.01367
Низкий
6.8 Medium
CVSS2
8.1 High
CVSS3
Связанные уязвимости
CVSS3: 8.1
nvd
больше 8 лет назад
PgBouncer 1.6.x before 1.6.1, when configured with auth_user, allows remote attackers to gain login access as auth_user via an unknown username.
CVSS3: 8.1
debian
больше 8 лет назад
PgBouncer 1.6.x before 1.6.1, when configured with auth_user, allows r ...
CVSS3: 8.1
github
больше 3 лет назад
PgBouncer 1.6.x before 1.6.1, when configured with auth_user, allows remote attackers to gain login access as auth_user via an unknown username.
EPSS
Процентиль: 80%
0.01367
Низкий
6.8 Medium
CVSS2
8.1 High
CVSS3