Password can be used past expiry in PgBouncer due to auth_query not taking into account Postgres its VALID UNTIL value, which allows an attacker to log in with an already expired password

Password can be used past expiry in PgBouncer due to auth_query not taking into account Postgres its VALID UNTIL value, which allows an attacker to log in with an already expired password

Password can be used past expiry in PgBouncer due to auth_query not ta ...

Уязвимость pgbouncer

Password can be used past expiry in PgBouncer due to auth_query not taking into account Postgres its VALID UNTIL value, which allows an attacker to log in with an already expired password

Уязвимость программы для пула соединения в PostgreSQL PgBouncer, связанная с недостатками процедуры аутентификации, позволяющая нарушителю получить несанкционированный доступ к приложению