CVE-2022-31197
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-31197
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-31197.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-31197
- Aliases
- Downstream
- Related
- Published
- 2022-08-03T00:00:00Z
- Modified
- 2025-11-05T14:13:37.381835Z
- Severity
-
- 7.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- SQL Injection in ResultSet.refreshRow() with malicious column names in pgjdbc
- Details
-
PostgreSQL JDBC Driver (PgJDBC for short) allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. The PGJDBC implementation of the
java.sql.ResultRow.refreshRow()method is not performing escaping of column names so a malicious column name that contains a statement terminator, e.g.;, could lead to SQL injection. This could lead to executing additional SQL commands as the application's JDBC user. User applications that do not invoke theResultSet.refreshRow()method are not impacted. User application that do invoke that method are impacted if the underlying database that they are querying via their JDBC application may be under the control of an attacker. The attack requires the attacker to trick the user into executing SQL against a table name who's column names would contain the malicious SQL and subsequently invoke therefreshRow()method on the ResultSet. Note that the application's JDBC user and the schema owner need not be the same. A JDBC application that executes as a privileged user querying database schemas owned by potentially malicious less-privileged users would be vulnerable. In that situation it may be possible for the malicious user to craft a schema that causes the application to execute commands as the privileged user. Patched versions will be released as42.2.26and42.4.1. Users are advised to upgrade. There are no known workarounds for this issue. - Database specific
{ "cwe_ids": [ "CWE-89" ] }- References
-
- https://github.com/pgjdbc/pgjdbc/commit/739e599d52ad80f8dcd6efedc6157859b1a9d637
- https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2
- https://lists.debian.org/debian-lts-announce/2022/10/msg00009.html
- https://lists.debian.org/debian-lts-announce/2024/12/msg00017.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6WHUADTZBBQLVHO4YG4XCWDGWBT4LRP/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTFE6SV33P5YYU2GNTQZQKQRVR3GYE4S/
Affected packages
Git / github.com/pgjdbc/pgjdbc
Affected ranges
Affected versions
REL42.*
REL42.2.0
REL42.2.1
REL42.2.10
REL42.2.11
REL42.2.12
REL42.2.13
REL42.2.14
REL42.2.14-rc1
REL42.2.15
REL42.2.15-rc1
REL42.2.15-rc2
REL42.2.16
REL42.2.16-rc2
REL42.2.17
REL42.2.17-rc1
REL42.2.18
REL42.2.18-rc1
REL42.2.19
REL42.2.19-rc1
REL42.2.19-rc2
REL42.2.2
REL42.2.20
REL42.2.20-rc1
REL42.2.20-rc2
REL42.2.21
REL42.2.21-rc1
REL42.2.21-rc2
REL42.2.22
REL42.2.22-rc1
REL42.2.23
REL42.2.23-rc1
REL42.2.23-rc3
REL42.2.23-rc4
REL42.2.23-rc5
REL42.2.23-rc6
REL42.2.24
REL42.2.24-rc1
REL42.2.24-rc2
REL42.2.25
REL42.2.25-rc1
REL42.2.3
REL42.2.4
REL42.2.5
REL42.2.6
REL42.2.7
REL42.2.8
REL42.2.9
REL42.3.0
REL42.3.0-rc1
REL42.3.0-rc2
REL42.3.1
REL42.3.1-rc1
REL42.3.1-rc2
REL42.3.2
REL42.3.2-rc2
REL42.3.3
REL42.3.3-rc1
REL42.3.4
REL42.3.4-rc1
REL42.3.5
REL42.3.5-rc1
REL42.3.6
REL42.3.6-rc1
REL42.4.0
REL42.4.0-rc1
Database specific
vanir_signatures
[
{
"id": "CVE-2022-31197-011cfa3d",
"signature_type": "Line",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "pgjdbc/src/main/java/org/postgresql/PGProperty.java"
},
"digest": {
"line_hashes": [
"197951750932335408380436150403222612826",
"13317961942431801205091815124360625379",
"300962599687194660816599964631095585351",
"63151987848888621574085576539233666450",
"337517256076520472976568492239924279407",
"51100145434319713837497563664409758196",
"33154749897629465108856604594066726156"
],
"threshold": 0.9
}
},
{
"id": "CVE-2022-31197-0131d0fd",
"signature_type": "Line",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "pgjdbc/src/test/java/org/postgresql/test/jdbc2/StatementTest.java"
},
"digest": {
"line_hashes": [
"282279500712607255309595195614108749605",
"9577331305760129652841061708438099243",
"191666394581842234542302696914881052752",
"42412005904802213185269323312139730164",
"221769259186519528209745799237324378119",
"2985414562018454220239907338112764454",
"90835721814097407101396814371958103808",
"98339886516000334000335462432744515160",
"256861088498279469296575079717748518738",
"25417866432325409649325396818642236295",
"208777884800845095395091797893930336728",
"290104062673617637254445055623119045068",
"46150497249556754643011850597633137076",
"330302123246858109260171690198831266705",
"284694175485509643688503782276124104548",
"17510533488465194753213863115772852419",
"339576595912210476634231404661552176445",
"292590309611772307451919206825419225132",
"138060739131648157973234195134642356519",
"314788957355709998080743318955627739313",
"327325873782105562007230906592842257240",
"268042112052424560529519628104412093681",
"241231537598203079778457321750803389389",
"78168133789204743584820527124257964077",
"73146395960751072330430257436951359668",
"287102647427452606961913666206975354144",
"254178869039295011614715512247171460048",
"67840623577697813335323696758322424255",
"41631476776282459781378185729618984341",
"59319806566123585098333847376452456981",
"271136531016614536136926750951759140955",
"1133587096635235378827692857111890719",
"140100683424907427263574101672904113471",
"296535876314532658388972220799865850843",
"40695774775920240289930566092788033923",
"309769458800252476938797634816004424270",
"279509961314457825685937556113484673402",
"29742085731648685878308461306627866950",
"308834825057801389873499646389603669758",
"316993497535905496586393783201504951430",
"58909247196879695344913283285619470876",
"237241252640732397983754223970414283173",
"322316404772478608832260881699069159604",
"109986579463016477647987994328417511605",
"297813932471309519168034428700036236981",
"20426836794743781237758177704380073155",
"28050339236730959599711899292237433152",
"30584865679757792412302442970034395978",
"196660264150127236930019193605994282285",
"49123483769906986446959768135000498934",
"37481586979229974002442896956758793015",
"98358168050041182613949101413866546711",
"311526303617067256032578436704687321052",
"199166681764091258976730679716089988412",
"327435216904227168239531021812787160664",
"241531128361586551310292473637183832859",
"274483875771748508333902925013356247304",
"316140134719437222438711722733214834233",
"110519597561183226716839206904365444636",
"137946524743607627699819076237451264603"
],
"threshold": 0.9
}
},
{
"id": "CVE-2022-31197-0235aaef",
"signature_type": "Function",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "executeWithFlags",
"file": "pgjdbc/src/main/java/org/postgresql/jdbc/PgPreparedStatement.java"
},
"digest": {
"function_hash": "339478609000229966161812072999327535020",
"length": 390.0
}
},
{
"id": "CVE-2022-31197-02960db5",
"signature_type": "Function",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "executeLargeUpdate",
"file": "pgjdbc/src/main/java/org/postgresql/jdbc/PgStatement.java"
},
"digest": {
"function_hash": "11642346674277053019888578303222527136",
"length": 268.0
}
},
{
"id": "CVE-2022-31197-0740eee5",
"signature_type": "Function",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "execute",
"file": "pgjdbc/src/main/java/org/postgresql/jdbc/PgPreparedStatement.java"
},
"digest": {
"function_hash": "69094252809981338790087021807339604625",
"length": 92.0
}
},
{
"id": "CVE-2022-31197-0ddc47ae",
"signature_type": "Function",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "executeWithFlags",
"file": "pgjdbc/src/main/java/org/postgresql/jdbc/PgCallableStatement.java"
},
"digest": {
"function_hash": "104216655014000517779890506800383028022",
"length": 1740.0
}
},
{
"id": "CVE-2022-31197-0fe15aaa",
"signature_type": "Function",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "execute",
"file": "pgjdbc/src/main/java/org/postgresql/jdbc/PgStatement.java"
},
"digest": {
"function_hash": "36731998702727034189845123291924623347",
"length": 367.0
}
},
{
"id": "CVE-2022-31197-28a30c85",
"signature_type": "Function",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "executeQuery",
"file": "pgjdbc/src/main/java/org/postgresql/jdbc/PgPreparedStatement.java"
},
"digest": {
"function_hash": "66020835671593075293052238750445375035",
"length": 224.0
}
},
{
"id": "CVE-2022-31197-299b7393",
"signature_type": "Function",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "close",
"file": "pgjdbc/src/main/java/org/postgresql/jdbc/PgStatement.java"
},
"digest": {
"function_hash": "271683963054224214536870205613049023966",
"length": 155.0
}
},
{
"id": "CVE-2022-31197-3f298f5f",
"signature_type": "Function",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "execute",
"file": "pgjdbc/src/main/java/org/postgresql/jdbc/PgStatement.java"
},
"digest": {
"function_hash": "63190662782526212498018749033523164218",
"length": 242.0
}
},
{
"id": "CVE-2022-31197-4b98c34b",
"signature_type": "Line",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "pgjdbc/src/main/java/org/postgresql/jdbc/PgDatabaseMetaData.java"
},
"digest": {
"line_hashes": [
"195825400342451525674375805783425434711",
"274825175348328176576547619163595772510",
"113250568387672818063026440399875358396",
"188287805242354340297536443360181039813",
"140496425343232997550143826430072211095",
"274333498770788029583911720646267152719",
"273373745220042267324788617325160058020"
],
"threshold": 0.9
}
},
{
"id": "CVE-2022-31197-670ee1c0",
"signature_type": "Line",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "pgjdbc/src/main/java/org/postgresql/jdbc/PgCallableStatement.java"
},
"digest": {
"line_hashes": [
"31921745693893242439575099116065360982",
"251174848372774627466555493519724890646",
"33216540194311595402873197589953934057",
"253182880924735067834663328803739920376",
"271658931452359822468128096321637419915",
"174933290047534451125526208728438155071",
"68373147080399801876193799722571016443",
"209385313789662763242856125877409413754",
"142118533496958467129340257603748350971",
"189082919702412691236849442115486004729",
"132824837254025351168289339495546364490",
"25099329958097205965588819828948287592",
"290706845399476670271413300028099490809",
"290453799970185907953466173832196294429",
"315508688096293062299137782594847040540",
"280796451767744614893797617915873605831",
"144434409568656978214016865661128192259",
"114276414763491183167493182737826391914",
"115771181202192882731374667311965099272",
"294229284665326630874031739206827244132",
"235712216976731933491495808810169039712",
"119941343014324222194740526469605865841",
"248692416635432512032104411402993284275",
"172191562145892686323095150083546372800",
"268492492332287545752506679999669355364",
"26248569742873803483914269509130761093",
"335941233549733445852098972524297467775",
"159744975024852019921680659192566512294",
"123267077660398554600811794707316083346",
"177404846481530247219065807505192726164",
"305702077493245512489503275045997685039",
"97766781125095654125229185000060703014",
"117721934866608646201930295870256967048",
"201385272786207785999019072881073797782",
"302773619320108605739840175402816123748",
"257379390384643212135872039730871918076",
"38162084486494531945844835687085963278",
"37250411602194092903266979080623844982",
"152680742542298405807442746290331437389",
"102560019047944534518434797934546919977",
"269059096133805528558251620231830402216",
"296878829984943195633831364236334199905",
"146301802730400055302455427440249451011",
"102165361141508778930289581160166439745",
"107554890160887195254365210765099239380",
"3973573984036714509427187392706969760",
"66123874047788500653523041667815409522",
"262151521666024532740852661514134460815",
"179582339579910122670345242508665709935",
"246645194095642162070860293324732413707"
],
"threshold": 0.9
}
},
{
"id": "CVE-2022-31197-79bfbbcf",
"signature_type": "Function",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "getUDTs",
"file": "pgjdbc/src/main/java/org/postgresql/jdbc/PgDatabaseMetaData.java"
},
"digest": {
"function_hash": "264339731325562951422772656913700825403",
"length": 2249.0
}
},
{
"id": "CVE-2022-31197-8c55b418",
"signature_type": "Function",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "setSslResponseTimeout",
"file": "pgjdbc/src/main/java/org/postgresql/ds/common/BaseDataSource.java"
},
"digest": {
"function_hash": "155692308988903956227752675770590008782",
"length": 104.0
}
},
{
"id": "CVE-2022-31197-97b8389b",
"signature_type": "Function",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "testConcurrentIsValid",
"file": "pgjdbc/src/test/java/org/postgresql/test/jdbc2/StatementTest.java"
},
"digest": {
"function_hash": "179086462910017613258993709154480054667",
"length": 1067.0
}
},
{
"id": "CVE-2022-31197-9fb17114",
"signature_type": "Function",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "isValid",
"file": "pgjdbc/src/main/java/org/postgresql/jdbc/PgConnection.java"
},
"digest": {
"function_hash": "36198296567566846905393753343047377440",
"length": 1041.0
}
},
{
"id": "CVE-2022-31197-a123ccb3",
"signature_type": "Function",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "executeLargeUpdate",
"file": "pgjdbc/src/main/java/org/postgresql/jdbc/PgPreparedStatement.java"
},
"digest": {
"function_hash": "167297111691286081976545123571253642685",
"length": 153.0
}
},
{
"id": "CVE-2022-31197-a15e9200",
"signature_type": "Line",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "pgjdbc/src/main/java/org/postgresql/jdbc/PgConnection.java"
},
"digest": {
"line_hashes": [
"255487554608385631055908606224664066374",
"114820470069463296207601684799700510005",
"44489571753195904124221683685514281659",
"38383859672617284844202615870188372067",
"314494533562631189843122196813211175530",
"220434893424516851404135241868083683634",
"217994379380169430930951229611346844150",
"134003473141214822083273499695164493120",
"193135883714238956569077060560347028970",
"309161087395411474477513007518891133804"
],
"threshold": 0.9
}
},
{
"id": "CVE-2022-31197-a930ae92",
"signature_type": "Function",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "executeUpdate",
"file": "pgjdbc/src/main/java/org/postgresql/jdbc/PgStatement.java"
},
"digest": {
"function_hash": "117256990690561726666535217309016828627",
"length": 173.0
}
},
{
"id": "CVE-2022-31197-b086c65b",
"signature_type": "Line",
"source": "https://github.com/pgjdbc/pgjdbc/commit/b5ee575b7d6e0918a58fe533f6c50b0c7e9f73c0",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "pgjdbc/src/main/java/org/postgresql/jdbc/PgResultSet.java"
},
"digest": {
"line_hashes": [
"28498993203511852605562543049763290411",
"223304611807718701845167986815184007245",
"128358773246719764843019213126855371284",
"38855050458750050418684677336160001272",
"174477965524941303884257453380780229180",
"62577371926200488950998680518968146122",
"297018567008724614970004818026857875628",
"304225486302133810027830469634674128111"
],
"threshold": 0.9
}
},
{
"id": "CVE-2022-31197-b92d4aa0",
"signature_type": "Line",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "pgjdbc/src/main/java/org/postgresql/jdbc/PgStatement.java"
},
"digest": {
"line_hashes": [
"52456436121328980557416735472634693039",
"222694259084308324255247855927792946037",
"216981877190262775210045745931801493384",
"192124247159766696299558484147391058398",
"307483289274646509288901209789455402877",
"282051362514284971931897093924485258542",
"146218847278586997886924207967388927026",
"5106464025691994509092710637444327463",
"22351562761627553304030267979462766609",
"123472841514225759400991043311179045040",
"231374068885714124747578878344545323079",
"285027658627227686835510927371039552017",
"199966629601758013884737478017914397010",
"145946991114155738034418537612664094974",
"300217312983253933625831444483107875270",
"3800932716711884905007884056769349372",
"106784833906774390295480908980358646751",
"173981925422996699173977625189247033704",
"38102284784255445116378779815583220881",
"64094010922777667244748578435373901754",
"204875863658494478133233164656781839291",
"91412612202132397384830246507833861839",
"225658130328248018267776828706953791670",
"243701881875867082978597480727305028412",
"325441788524665344862833055229517752023",
"307906266158977791804530315144464698950",
"293572013681133462739841086037435315255",
"115160208063280772699751109032923305160",
"276114887106876550448821689439311219770",
"156164773143295348017644312673267752820",
"319142082696695944812473969090025299945",
"223979055782725523845522572023106280020",
"299699941980410537803037443749281645859",
"22297718773451376181219040805751593329",
"322726967544161516393904648793366513190",
"14516326733847767459886386524705484342",
"63057259132418738401743391326462923370",
"329949183338352958813628832002354515021",
"210147500887898638865807774134879907320",
"214029466314835139934487593640635445036",
"307174164709278364952130966795721421242",
"147289746965373472116893970380848576533",
"260325155103866511104085243478221354023",
"32819490938412360209343812603191004284",
"223877437182426424813563853402498756584",
"137522440607553377700106466624106763949",
"170304772257663818896389310559756879730",
"224864246333182544227091783233168667295",
"126900936408909446667673231245841201005",
"227600321316750731640658556752751037377",
"76507892093141123212304433007181327363",
"92013256550676042178389789829091792441",
"79507427856897673808163306024495345622",
"30754693830902526664563041070067366209",
"83666721937562491868625511621717489257",
"298820632320610481576345500452549189578",
"102963286135246987158291918966334431509",
"110312321634199334330617817575342637977",
"199539532016643055486494823257684565797",
"97501358143407323966440127144180619034",
"17981692929703411850037101933453576666",
"100411870197329318159668020245683343114",
"266916133153934816616894693723095547233",
"72620665299661090786553777105959551481",
"100752442967219734771630433606124366883",
"153510441625745113859378397333592348433",
"98853634674639976174820865800325684617",
"100113028619088966629913795691503517795",
"120731828031679509171772923344127120656",
"193719223673286732451892604667719332113",
"20602305358253092501154351904996706101",
"142897976046854600682693821443153834460",
"110312321634199334330617817575342637977",
"7975892688576045777816272943930175662",
"137351432236416488422522880669019213142",
"279353175507264121385204360938060378655",
"245249389227804640455457493793415881433",
"36977975814192755218807288833662748520",
"225078304245087152023323443779911667112",
"56891955634711375775939833166626375387",
"131367576956654276889576731579132924199",
"144337443177428754306676421377877769505",
"59308547705863132792266739648498785134",
"309283656483798566330690158180026330940",
"77145426193304400079006714605738265141",
"67775504124007210695242148402150224122",
"3582741834064680757910451638619300223",
"73577379766593473207734760746304499760"
],
"threshold": 0.9
}
},
{
"id": "CVE-2022-31197-baa50263",
"signature_type": "Line",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "pgjdbc/src/main/java/org/postgresql/ds/common/BaseDataSource.java"
},
"digest": {
"line_hashes": [
"92143699255779212946228525067658615793",
"168140435601344938777266243472699308846",
"10649172296696738584340933387338185724",
"290443886446409203842393855330802063364",
"299018365393766908664888246993123760693",
"76033354707691360529162309896766651509",
"55491260692853232609394615556069404504",
"22099932413511721340780569714454086969",
"30587552248947597351195671160007992596"
],
"threshold": 0.9
}
},
{
"id": "CVE-2022-31197-baca0d07",
"signature_type": "Line",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "pgjdbc/src/main/java/org/postgresql/jdbc/PgPreparedStatement.java"
},
"digest": {
"line_hashes": [
"151022090880794093700866456016947747955",
"263180385596396118294690209236174886517",
"282943888634159642254371480917598622654",
"295865287487007703379210976724030088958",
"177104056823938336745259641834183692470",
"282051362514284971931897093924485258542",
"146218847278586997886924207967388927026",
"75567929998227787502560166354515343779",
"262656900491655057924163858039379651791",
"308345732160563273970336164667659794775",
"162607551928603870524942726602947395523",
"216375288064993237229472049108735944948",
"85332014372057525223218374563049409035",
"108885969532955348697132724049252491395",
"300217312983253933625831444483107875270",
"166953915473489614545634564328733112422",
"48330162709298595596753728227461348877",
"283248896860137568778952815198515001502",
"329349794990008133564425197175705518275",
"21225891360399318986393027904188975832",
"278044942758379730601599524462248068334",
"168062763843378343128330139608818802671",
"126900936408909446667673231245841201005",
"227600321316750731640658556752751037377",
"205119043599146127722454190850368909947",
"264224444809290058233345365955844913988",
"191292020399168311787104208446369386979",
"210412851192430037584221477907174432270",
"252103853453052409537972854714943138865",
"60532866432177411068824190546750832524",
"94765497653073472774830858610568004119",
"215970334445462810747345465365220358940",
"162868286569014894230420132508018908695",
"264584914242148494948228566253978065308",
"76310842590020902042320659838486865150",
"78886460403526902220765066983401532422",
"63204030558154594167335198103985293259",
"180981293392773841868791714747999188589",
"302945671693190141259795463807067741639",
"37761241046994861807942821590824195355"
],
"threshold": 0.9
}
},
{
"id": "CVE-2022-31197-cd747936",
"signature_type": "Function",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "executeUpdate",
"file": "pgjdbc/src/main/java/org/postgresql/jdbc/PgStatement.java"
},
"digest": {
"function_hash": "11642346674277053019888578303222527136",
"length": 268.0
}
},
{
"id": "CVE-2022-31197-d1dac84f",
"signature_type": "Line",
"source": "https://github.com/pgjdbc/pgjdbc/commit/b5ee575b7d6e0918a58fe533f6c50b0c7e9f73c0",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "pgjdbc/src/test/java/org/postgresql/test/jdbc2/Jdbc2TestSuite.java"
},
"digest": {
"line_hashes": [
"41537048879440998419184509698069882324",
"275828047695124194251398158241048047125",
"106105411051466425572554034200697554503",
"166431915604043295410171545867461267467"
],
"threshold": 0.9
}
},
{
"id": "CVE-2022-31197-d228507f",
"signature_type": "Function",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "executeQuery",
"file": "pgjdbc/src/main/java/org/postgresql/jdbc/PgStatement.java"
},
"digest": {
"function_hash": "47246556689491243856917506850982842637",
"length": 244.0
}
},
{
"id": "CVE-2022-31197-d3d217b6",
"signature_type": "Function",
"source": "https://github.com/pgjdbc/pgjdbc/commit/b5ee575b7d6e0918a58fe533f6c50b0c7e9f73c0",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "refreshRow",
"file": "pgjdbc/src/main/java/org/postgresql/jdbc/PgResultSet.java"
},
"digest": {
"function_hash": "234256344887207496418164968779565519747",
"length": 1766.0
}
},
{
"id": "CVE-2022-31197-d6917a7b",
"signature_type": "Function",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "executeLargeUpdate",
"file": "pgjdbc/src/main/java/org/postgresql/jdbc/PgStatement.java"
},
"digest": {
"function_hash": "117256990690561726666535217309016828627",
"length": 173.0
}
},
{
"id": "CVE-2022-31197-dd90472b",
"signature_type": "Function",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "executeUpdate",
"file": "pgjdbc/src/main/java/org/postgresql/jdbc/PgPreparedStatement.java"
},
"digest": {
"function_hash": "167297111691286081976545123571253642685",
"length": 153.0
}
},
{
"id": "CVE-2022-31197-e009ea78",
"signature_type": "Line",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "pgjdbc/src/main/java/org/postgresql/core/v3/ConnectionFactoryImpl.java"
},
"digest": {
"line_hashes": [
"337319076944778557800328361243857855683",
"10501722933555668139502385436178072354",
"164823269507302173159110494838915071923",
"64830961399989896371022039734860148181",
"147359760744342791511017531070144005130",
"244756121016400131471824506564146776219",
"39741458215973882752205057422301064528",
"166580103900467910631245840454542340205",
"123372549438468989078664659969965889455",
"78547557799055849354799263022976341920",
"295180689143330274432902520423170839381",
"44056341025868734844134234998719801178",
"273416494158374015282405268575428714604"
],
"threshold": 0.9
}
},
{
"id": "CVE-2022-31197-e2a45377",
"signature_type": "Function",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "isClosed",
"file": "pgjdbc/src/main/java/org/postgresql/jdbc/PgStatement.java"
},
"digest": {
"function_hash": "338782035597922639364276971511013378241",
"length": 65.0
}
},
{
"id": "CVE-2022-31197-f14d1d39",
"signature_type": "Function",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "enableSSL",
"file": "pgjdbc/src/main/java/org/postgresql/core/v3/ConnectionFactoryImpl.java"
},
"digest": {
"function_hash": "313349226424169876367159860079947280444",
"length": 1439.0
}
},
{
"id": "CVE-2022-31197-f1b69c24",
"signature_type": "Function",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "getSslResponseTimeout",
"file": "pgjdbc/src/main/java/org/postgresql/ds/common/BaseDataSource.java"
},
"digest": {
"function_hash": "287870531560121678801357938202668578142",
"length": 91.0
}
},
{
"id": "CVE-2022-31197-fd9e1dc4",
"signature_type": "Function",
"source": "https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "testCancelQueryWithBrokenNetwork",
"file": "pgjdbc/src/test/java/org/postgresql/test/jdbc2/StatementTest.java"
},
"digest": {
"function_hash": "89425791447876065974157119549006079389",
"length": 731.0
}
}
]