Upgrade PostgreSQL JDBC driver to 42.5.0

XMLWordPrintable

      Upgrade PostgreSQL JDBC driver to 42.5.0 for CVE-2022-21724 (fixed in 42.3.2+)

      For details see: https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md

      Bitbucket would not be directly vulnerable to this as it requires the attacker to control the JDBC URL, something that is restricted to users with SYS_ADMIN permission. However this driver version has shown up on a customers vulnerability scan so it would be good to update it.

              Assignee:
              Unassigned
              Reporter:
              Ben Humphreys
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: