Debian Pgbouncer vulnerabilities

6 known vulnerabilities affecting debian/pgbouncer.

Total CVEs: 6
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 5, MEDIUM 1

Vulnerabilities

CVE-2025-2291 [HIGH] CVSS 8.1, fixed in pgbouncer 1.18.0-1+deb12u1 (bookworm), 2025
  Password can be used past expiry in PgBouncer due to auth_query not taking into account the Postgres VALID UNTIL value, which allows an attacker to log in with an already expired password.
  Scope: local
  bookworm: resolved (fixed in 1.18.0-1+deb12u1)
  bullseye: resolved (fixed in 1.15.0-1+deb11u1)
  forky: resolved (fixed in 1.24.1-1)
  sid: resolved (fixed in 1.24.1-1)
  tri
CVE-2025-12819 [HIGH] CVSS 7.5, fixed in pgbouncer 1.18.0-1+deb12u1 (bookworm), 2025
  Untrusted search path in auth_query connection handler in PgBouncer before 1.25.1 allows an unauthenticated attacker to execute arbitrary SQL during authentication via a malicious search_path parameter in the StartupMessage.
  Scope: local
  bookworm: resolved (fixed in 1.18.0-1+deb12u1)
  bullseye: resolved (fixed in 1.15.0-1+deb11u2)
  forky: resolved (fixed in 1.25.1-1
CVE-2021-3935 [HIGH] CVSS 8.1, fixed in pgbouncer 1.16.1-1 (bookworm), 2021
  When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate verification and encryption. This flaw affects PgBouncer versions prior to 1.16.1.
  Scope: local
  bookworm: resolved (fixed in 1.16.1-1)
  bullseye: resolved (fixed in 1.15.0-1
CVE-2015-4054 [HIGH] CVSS 7.5, fixed in pgbouncer 1.5.5-1 (bookworm), 2015
  PgBouncer before 1.5.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by sending a password packet before a startup packet.
  Scope: local
  bookworm: resolved (fixed in 1.5.5-1)
  bullseye: resolved (fixed in 1.5.5-1)
  forky: resolved (fixed in 1.5.5-1)
  sid: resolved (fixed in 1.5.5-1)
  trixie: resolved (fixed in 1.5.5-1)
CVE-2015-6817 [HIGH] CVSS 8.1, fixed in pgbouncer 1.6.1-1 (bookworm), 2015
  PgBouncer 1.6.x before 1.6.1, when configured with auth_user, allows remote attackers to gain login access as auth_user via an unknown username.
  Scope: local
  bookworm: resolved (fixed in 1.6.1-1)
  bullseye: resolved (fixed in 1.6.1-1)
  forky: resolved (fixed in 1.6.1-1)
  sid: resolved (fixed in 1.6.1-1)
  trixie: resolved (fixed in 1.6.1-1)
CVE-2012-4575 [MEDIUM] CVSS 5.0, fixed in pgbouncer 1.5.2-4 (bookworm), 2012
  The add_database function in objects.c in the pgbouncer pooler 1.5.2 for PostgreSQL allows remote attackers to cause a denial of service (daemon outage) via a long database name in a request.
  Scope: local
  bookworm: resolved (fixed in 1.5.2-4)
  bullseye: resolved (fixed in 1.5.2-4)
  forky: resolved (fixed in 1.5.2-4)
  sid: resolved (fixed in 1.5.2-4)
  trixie: resolved