MidnightBSD

Advisories for pgbouncer

CVE-2015-4054 MEDIUM

PgBouncer before 1.5.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by sending a password packet before a startup packet.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476

Products Affected

Vendor Product Version
pgbouncer pgbouncer *

CVE-2015-6817 MEDIUM

PgBouncer 1.6.x before 1.6.1, when configured with auth_user, allows remote attackers to gain login access as auth_user via an unknown username.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287

Products Affected

Vendor Product Version
pgbouncer pgbouncer 1.6

CVE-2021-3672 MEDIUM

A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.6 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L 2.2 3.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79

Products Affected

Vendor Product Version
fedoraproject fedora 34
redhat enterprise_linux_for_power_little_endian_eus 8.1
redhat enterprise_linux_eus 8.2
siemens sinec_infrastructure_network_services *
pgbouncer pgbouncer *
redhat enterprise_linux_computer_node 1
fedoraproject fedora 33
redhat enterprise_linux_server_aus 8.2
c-ares_project c-ares *
redhat enterprise_linux_server_update_services_for_sap_solutions 8.1
redhat enterprise_linux_for_power_little_endian_eus 8.4
redhat enterprise_linux_eus 8.4
redhat enterprise_linux 7.0
redhat enterprise_linux_server_update_services_for_sap_solutions 8.4
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_tus 8.4
redhat enterprise_linux 7.7
redhat enterprise_linux_server_tus 8.2
redhat enterprise_linux 8.0
redhat enterprise_linux_for_ibm_z_systems 8.0
redhat enterprise_linux_for_ibm_z_systems_eus 8.4
redhat enterprise_linux_for_power_little_endian 8.0
redhat enterprise_linux_workstation 1
redhat enterprise_linux_server_aus 8.4
redhat enterprise_linux_server_update_services_for_sap_solutions 8.2
redhat enterprise_linux_server_tus 8.4
redhat enterprise_linux_for_ibm_z_systems_eus 8.2
redhat enterprise_linux_eus 8.1
redhat enterprise_linux_for_power_little_endian_eus 8.2
nodejs node.js *
redhat enterprise_linux_for_ibm_z_systems_eus 8.1

CVE-2021-3935 MEDIUM

When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate verification and encryption. This flaw affects PgBouncer versions prior to 1.16.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89, CWE-295

Products Affected

Vendor Product Version
debian debian_linux 9.0
pgbouncer pgbouncer *
fedoraproject fedora 35
redhat enterprise_linux 7.0

CVE-2025-12819

Untrusted search path in auth_query connection handler in PgBouncer before 1.25.1 allows an unauthenticated attacker to execute arbitrary SQL during authentication via a malicious search_path parameter in the StartupMessage.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
f86ef6dc-4d3a-42ad-8f28-e6d5547a5007 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 1.6 5.9

Products Affected

Vendor Product Version
pgbouncer pgbouncer *

CVE-2025-2291

Password can be used past expiry in PgBouncer due to auth_query not taking into account the Postgres VALID UNTIL value, which allows an attacker to log in with an already expired password.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
f86ef6dc-4d3a-42ad-8f28-e6d5547a5007 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

Products Affected

Vendor Product Version
debian debian_linux 11.0
pgbouncer pgbouncer *