pkg:Debian/pgbouncer

All known vulnerabilities

• CRITICAL9.8CVE-2026-6665PgBouncer buffer overflow in SCRAM
  from 0
• CRITICAL9.8CVE-2025-2291PgBouncer default auth_query does not take Postgres password expiry into account
  from 0, < 1.15.0-1+deb11u1
• HIGH8.1CVE-2025-12819pgbouncer - security update
  from 0, < 1.15.0-1+deb11u2
• HIGH8.1pgbouncer - security update
  from 0, < 1.15.0-1+deb11u2
• HIGH8.1pgbouncer - security update
  from 0, < 1.7.2-2+deb9u1
• HIGH8.1pgbouncer - security update
  from 0, < 1.15.0-1+deb11u1
• HIGH8.1pgbouncer - security update
  from 0, < 1.15.0-1+deb11u1
• HIGH8.1PgBouncer 1.6.x before 1.6.1, when configured with auth_user, allows remote attackers to gain login access as auth_user via an unknown user…
  from 0, < 1.6.1-1
• HIGH7.5PgBouncer crash in kill_pool_logins_server_error
  from 0
• HIGH7.5PgBouncer integer overflow in PgBouncer network packet parsing
  from 0
• HIGH7.5PgBouncer before 1.5.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by sending a password pack…
  from 0, < 1.5.5-1
• MEDIUM4.3PgBouncer missing authorization check in KILL_CLIENT admin command
  from 0
• —The add_database function in objects.c in the pgbouncer pooler 1.5.2 for PostgreSQL allows remote attackers to cause a denial of service (d…
  from 0, < 1.5.2-4