Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2023-31136
HistoryMay 09, 2023 - 2:15 p.m.

Code injection

2023-05-0914:15:00
PRIOn knowledge base
www.prio-n.com
3
postgresnio
code injection
man-in-the-middle attack
tls
vulnerability

0.002 Low

EPSS

Percentile

58.6%

JSON

PostgresNIO is a Swift client for PostgreSQL. Any user of PostgresNIO prior to version 1.14.2 connecting to servers with TLS enabled is vulnerable to a man-in-the-middle attacker injecting false responses to the client’s first few queries, despite the use of TLS certificate verification and encryption. The vulnerability is addressed in PostgresNIO versions starting from 1.14.2. There are no known workarounds for unpatched users.

CPENameOperatorVersion
postgresniolt1.14.2

Related

cve 1
cvelist 1
nvd 1
osv 2
github 1
cve
cve
CVE-2023-31136
2023-05-09 14:15:13
cvelist
cvelist
CVE-2023-31136 PostgresNIO processes unencrypted bytes from man-in-the-middle
2023-05-09 13:37:38
nvd
nvd
CVE-2023-31136
2023-05-09 14:15:13
osv
osv
CVE-2023-31136
2023-05-09 14:15:13
PostgresNIO processes unencrypted bytes from man-in-the-middle
2023-05-10 19:20:16
github
github
PostgresNIO processes unencrypted bytes from man-in-the-middle
2023-05-10 19:20:16

0.002 Low

EPSS

Percentile

58.6%

JSON
Related for PRION:CVE-2023-31136
cve1cvelist1nvd1osv2github1