{"id":"CVE-2022-31197","summary":"SQL Injection in ResultSet.refreshRow() with malicious column names in pgjdbc","details":"PostgreSQL JDBC Driver (PgJDBC for short) allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. The PGJDBC implementation of the `java.sql.ResultRow.refreshRow()` method is not performing escaping of column names so a malicious column name that contains a statement terminator, e.g. `;`, could lead to SQL injection. This could lead to executing additional SQL commands as the application's JDBC user. User applications that do not invoke the `ResultSet.refreshRow()` method are not impacted. User application that do invoke that method are impacted if the underlying database that they are querying via their JDBC application may be under the control of an attacker. The attack requires the attacker to trick the user into executing SQL against a table name who's column names would contain the malicious SQL and subsequently invoke the `refreshRow()` method on the ResultSet. Note that the application's JDBC user and the schema owner need not be the same. A JDBC application that executes as a privileged user querying database schemas owned by potentially malicious less-privileged users would be vulnerable. In that situation it may be possible for the malicious user to craft a schema that causes the application to execute commands as the privileged user. Patched versions will be released as `42.2.26` and `42.4.1`. Users are advised to upgrade. There are no known workarounds for this issue.","aliases":["BIT-postgresql-jdbc-driver-2022-31197","GHSA-r38f-c4h4-hqq2"],"modified":"2026-04-12T02:56:47.770072Z","published":"2022-08-03T00:00:00Z","related":["ALSA-2023:0318","CGA-xh6v-x3h4-hf9g","SUSE-SU-2022:3537-1","SUSE-SU-2022:3541-1","SUSE-SU-2022:3613-1","SUSE-SU-2022:3705-1","openSUSE-SU-2024:12369-1"],"database_specific":{"cwe_ids":["CWE-89"],"cna_assigner":"GitHub_M","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/31xxx/CVE-2022-31197.json"},"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/12/msg00017.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/31xxx/CVE-2022-31197.json"},{"type":"ADVISORY","url":"https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6WHUADTZBBQLVHO4YG4XCWDGWBT4LRP/"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTFE6SV33P5YYU2GNTQZQKQRVR3GYE4S/"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-31197"},{"type":"FIX","url":"https://github.com/pgjdbc/pgjdbc/commit/739e599d52ad80f8dcd6efedc6157859b1a9d637"},{"type":"ARTICLE","url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00009.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/pgjdbc/pgjdbc","events":[{"introduced":"0bbd405590d898a184d5f46331cc803c5a1b22c6"},{"fixed":"b5ee575b7d6e0918a58fe533f6c50b0c7e9f73c0"}],"database_specific":{"versions":[{"introduced":"42.2.0"},{"fixed":"42.2.26"}]}},{"type":"GIT","repo":"https://github.com/pgjdbc/pgjdbc","events":[{"introduced":"6d93eb817f334b383d2c8716a50d8c1255e24236"},{"fixed":"bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2"}],"database_specific":{"versions":[{"introduced":"42.3.0"},{"fixed":"42.4.1"}]}}],"versions":["REL42.2.0","REL42.2.1","REL42.2.10","REL42.2.11","REL42.2.12","REL42.2.13","REL42.2.14","REL42.2.14-rc1","REL42.2.15","REL42.2.15-rc1","REL42.2.15-rc2","REL42.2.16","REL42.2.16-rc2","REL42.2.17","REL42.2.17-rc1","REL42.2.18","REL42.2.18-rc1","REL42.2.19","REL42.2.19-rc1","REL42.2.19-rc2","REL42.2.2","REL42.2.20","REL42.2.20-rc1","REL42.2.20-rc2","REL42.2.21","REL42.2.21-rc1","REL42.2.21-rc2","REL42.2.22","REL42.2.22-rc1","REL42.2.23","REL42.2.23-rc1","REL42.2.23-rc3","REL42.2.23-rc4","REL42.2.23-rc5","REL42.2.23-rc6","REL42.2.24","REL42.2.24-rc1","REL42.2.24-rc2","REL42.2.25","REL42.2.25-rc1","REL42.2.3","REL42.2.4","REL42.2.5","REL42.2.6","REL42.2.7","REL42.2.8","REL42.2.9","REL42.3.0","REL42.3.0-rc1","REL42.3.0-rc2","REL42.3.1","REL42.3.1-rc1","REL42.3.1-rc2","REL42.3.2","REL42.3.2-rc2","REL42.3.3","REL42.3.3-rc1","REL42.3.4","REL42.3.4-rc1","REL42.3.5","REL42.3.5-rc1","REL42.3.6","REL42.3.6-rc1","REL42.4.0","REL42.4.0-rc1"],"database_specific":{"vanir_signatures_modified":"2026-04-12T02:56:47Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-31197.json","vanir_signatures":[{"id":"CVE-2022-31197-011cfa3d","digest":{"threshold":0.9,"line_hashes":["197951750932335408380436150403222612826","13317961942431801205091815124360625379","300962599687194660816599964631095585351","63151987848888621574085576539233666450","337517256076520472976568492239924279407","51100145434319713837497563664409758196","33154749897629465108856604594066726156"]},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/PGProperty.java"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Line","signature_version":"v1"},{"id":"CVE-2022-31197-0131d0fd","digest":{"threshold":0.9,"line_hashes":["282279500712607255309595195614108749605","9577331305760129652841061708438099243","191666394581842234542302696914881052752","42412005904802213185269323312139730164","221769259186519528209745799237324378119","2985414562018454220239907338112764454","90835721814097407101396814371958103808","98339886516000334000335462432744515160","256861088498279469296575079717748518738","25417866432325409649325396818642236295","208777884800845095395091797893930336728","290104062673617637254445055623119045068","46150497249556754643011850597633137076","330302123246858109260171690198831266705","284694175485509643688503782276124104548","17510533488465194753213863115772852419","339576595912210476634231404661552176445","292590309611772307451919206825419225132","138060739131648157973234195134642356519","314788957355709998080743318955627739313","327325873782105562007230906592842257240","268042112052424560529519628104412093681","241231537598203079778457321750803389389","78168133789204743584820527124257964077","73146395960751072330430257436951359668","287102647427452606961913666206975354144","254178869039295011614715512247171460048","67840623577697813335323696758322424255","41631476776282459781378185729618984341","59319806566123585098333847376452456981","271136531016614536136926750951759140955","1133587096635235378827692857111890719","140100683424907427263574101672904113471","296535876314532658388972220799865850843","40695774775920240289930566092788033923","309769458800252476938797634816004424270","279509961314457825685937556113484673402","29742085731648685878308461306627866950","308834825057801389873499646389603669758","316993497535905496586393783201504951430","58909247196879695344913283285619470876","237241252640732397983754223970414283173","322316404772478608832260881699069159604","109986579463016477647987994328417511605","297813932471309519168034428700036236981","20426836794743781237758177704380073155","28050339236730959599711899292237433152","30584865679757792412302442970034395978","196660264150127236930019193605994282285","49123483769906986446959768135000498934","37481586979229974002442896956758793015","98358168050041182613949101413866546711","311526303617067256032578436704687321052","199166681764091258976730679716089988412","327435216904227168239531021812787160664","241531128361586551310292473637183832859","274483875771748508333902925013356247304","316140134719437222438711722733214834233","110519597561183226716839206904365444636","137946524743607627699819076237451264603"]},"deprecated":false,"target":{"file":"pgjdbc/src/test/java/org/postgresql/test/jdbc2/StatementTest.java"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Line","signature_version":"v1"},{"id":"CVE-2022-31197-0235aaef","digest":{"length":390,"function_hash":"339478609000229966161812072999327535020"},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/jdbc/PgPreparedStatement.java","function":"executeWithFlags"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Function","signature_version":"v1"},{"id":"CVE-2022-31197-02960db5","digest":{"length":268,"function_hash":"11642346674277053019888578303222527136"},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/jdbc/PgStatement.java","function":"executeLargeUpdate"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Function","signature_version":"v1"},{"id":"CVE-2022-31197-0740eee5","digest":{"length":92,"function_hash":"69094252809981338790087021807339604625"},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/jdbc/PgPreparedStatement.java","function":"execute"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Function","signature_version":"v1"},{"id":"CVE-2022-31197-0ddc47ae","digest":{"length":1740,"function_hash":"104216655014000517779890506800383028022"},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/jdbc/PgCallableStatement.java","function":"executeWithFlags"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Function","signature_version":"v1"},{"id":"CVE-2022-31197-0fe15aaa","digest":{"length":367,"function_hash":"36731998702727034189845123291924623347"},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/jdbc/PgStatement.java","function":"execute"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Function","signature_version":"v1"},{"id":"CVE-2022-31197-28a30c85","digest":{"length":224,"function_hash":"66020835671593075293052238750445375035"},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/jdbc/PgPreparedStatement.java","function":"executeQuery"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Function","signature_version":"v1"},{"id":"CVE-2022-31197-299b7393","digest":{"length":155,"function_hash":"271683963054224214536870205613049023966"},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/jdbc/PgStatement.java","function":"close"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Function","signature_version":"v1"},{"id":"CVE-2022-31197-3f298f5f","digest":{"length":242,"function_hash":"63190662782526212498018749033523164218"},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/jdbc/PgStatement.java","function":"execute"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Function","signature_version":"v1"},{"id":"CVE-2022-31197-4b98c34b","digest":{"threshold":0.9,"line_hashes":["195825400342451525674375805783425434711","274825175348328176576547619163595772510","113250568387672818063026440399875358396","188287805242354340297536443360181039813","140496425343232997550143826430072211095","274333498770788029583911720646267152719","273373745220042267324788617325160058020"]},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/jdbc/PgDatabaseMetaData.java"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Line","signature_version":"v1"},{"id":"CVE-2022-31197-670ee1c0","digest":{"threshold":0.9,"line_hashes":["31921745693893242439575099116065360982","251174848372774627466555493519724890646","33216540194311595402873197589953934057","253182880924735067834663328803739920376","271658931452359822468128096321637419915","174933290047534451125526208728438155071","68373147080399801876193799722571016443","209385313789662763242856125877409413754","142118533496958467129340257603748350971","189082919702412691236849442115486004729","132824837254025351168289339495546364490","25099329958097205965588819828948287592","290706845399476670271413300028099490809","290453799970185907953466173832196294429","315508688096293062299137782594847040540","280796451767744614893797617915873605831","144434409568656978214016865661128192259","114276414763491183167493182737826391914","115771181202192882731374667311965099272","294229284665326630874031739206827244132","235712216976731933491495808810169039712","119941343014324222194740526469605865841","248692416635432512032104411402993284275","172191562145892686323095150083546372800","268492492332287545752506679999669355364","26248569742873803483914269509130761093","335941233549733445852098972524297467775","159744975024852019921680659192566512294","123267077660398554600811794707316083346","177404846481530247219065807505192726164","305702077493245512489503275045997685039","97766781125095654125229185000060703014","117721934866608646201930295870256967048","201385272786207785999019072881073797782","302773619320108605739840175402816123748","257379390384643212135872039730871918076","38162084486494531945844835687085963278","37250411602194092903266979080623844982","152680742542298405807442746290331437389","102560019047944534518434797934546919977","269059096133805528558251620231830402216","296878829984943195633831364236334199905","146301802730400055302455427440249451011","102165361141508778930289581160166439745","107554890160887195254365210765099239380","3973573984036714509427187392706969760","66123874047788500653523041667815409522","262151521666024532740852661514134460815","179582339579910122670345242508665709935","246645194095642162070860293324732413707"]},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/jdbc/PgCallableStatement.java"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Line","signature_version":"v1"},{"id":"CVE-2022-31197-79bfbbcf","digest":{"length":2249,"function_hash":"264339731325562951422772656913700825403"},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/jdbc/PgDatabaseMetaData.java","function":"getUDTs"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Function","signature_version":"v1"},{"id":"CVE-2022-31197-8c55b418","digest":{"length":104,"function_hash":"155692308988903956227752675770590008782"},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/ds/common/BaseDataSource.java","function":"setSslResponseTimeout"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Function","signature_version":"v1"},{"id":"CVE-2022-31197-97b8389b","digest":{"length":1067,"function_hash":"179086462910017613258993709154480054667"},"deprecated":false,"target":{"file":"pgjdbc/src/test/java/org/postgresql/test/jdbc2/StatementTest.java","function":"testConcurrentIsValid"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Function","signature_version":"v1"},{"id":"CVE-2022-31197-9fb17114","digest":{"length":1041,"function_hash":"36198296567566846905393753343047377440"},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/jdbc/PgConnection.java","function":"isValid"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Function","signature_version":"v1"},{"id":"CVE-2022-31197-a123ccb3","digest":{"length":153,"function_hash":"167297111691286081976545123571253642685"},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/jdbc/PgPreparedStatement.java","function":"executeLargeUpdate"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Function","signature_version":"v1"},{"id":"CVE-2022-31197-a15e9200","digest":{"threshold":0.9,"line_hashes":["255487554608385631055908606224664066374","114820470069463296207601684799700510005","44489571753195904124221683685514281659","38383859672617284844202615870188372067","314494533562631189843122196813211175530","220434893424516851404135241868083683634","217994379380169430930951229611346844150","134003473141214822083273499695164493120","193135883714238956569077060560347028970","309161087395411474477513007518891133804"]},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/jdbc/PgConnection.java"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Line","signature_version":"v1"},{"id":"CVE-2022-31197-a930ae92","digest":{"length":173,"function_hash":"117256990690561726666535217309016828627"},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/jdbc/PgStatement.java","function":"executeUpdate"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Function","signature_version":"v1"},{"id":"CVE-2022-31197-b086c65b","digest":{"threshold":0.9,"line_hashes":["28498993203511852605562543049763290411","223304611807718701845167986815184007245","128358773246719764843019213126855371284","38855050458750050418684677336160001272","174477965524941303884257453380780229180","62577371926200488950998680518968146122","297018567008724614970004818026857875628","304225486302133810027830469634674128111"]},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/jdbc/PgResultSet.java"},"source":"https://github.com/pgjdbc/pgjdbc/commit/b5ee575b7d6e0918a58fe533f6c50b0c7e9f73c0","signature_type":"Line","signature_version":"v1"},{"id":"CVE-2022-31197-b92d4aa0","digest":{"threshold":0.9,"line_hashes":["52456436121328980557416735472634693039","222694259084308324255247855927792946037","216981877190262775210045745931801493384","192124247159766696299558484147391058398","307483289274646509288901209789455402877","282051362514284971931897093924485258542","146218847278586997886924207967388927026","5106464025691994509092710637444327463","22351562761627553304030267979462766609","123472841514225759400991043311179045040","231374068885714124747578878344545323079","285027658627227686835510927371039552017","199966629601758013884737478017914397010","145946991114155738034418537612664094974","300217312983253933625831444483107875270","3800932716711884905007884056769349372","106784833906774390295480908980358646751","173981925422996699173977625189247033704","38102284784255445116378779815583220881","64094010922777667244748578435373901754","204875863658494478133233164656781839291","91412612202132397384830246507833861839","225658130328248018267776828706953791670","243701881875867082978597480727305028412","325441788524665344862833055229517752023","307906266158977791804530315144464698950","293572013681133462739841086037435315255","115160208063280772699751109032923305160","276114887106876550448821689439311219770","156164773143295348017644312673267752820","319142082696695944812473969090025299945","223979055782725523845522572023106280020","299699941980410537803037443749281645859","22297718773451376181219040805751593329","322726967544161516393904648793366513190","14516326733847767459886386524705484342","63057259132418738401743391326462923370","329949183338352958813628832002354515021","210147500887898638865807774134879907320","214029466314835139934487593640635445036","307174164709278364952130966795721421242","147289746965373472116893970380848576533","260325155103866511104085243478221354023","32819490938412360209343812603191004284","223877437182426424813563853402498756584","137522440607553377700106466624106763949","170304772257663818896389310559756879730","224864246333182544227091783233168667295","126900936408909446667673231245841201005","227600321316750731640658556752751037377","76507892093141123212304433007181327363","92013256550676042178389789829091792441","79507427856897673808163306024495345622","30754693830902526664563041070067366209","83666721937562491868625511621717489257","298820632320610481576345500452549189578","102963286135246987158291918966334431509","110312321634199334330617817575342637977","199539532016643055486494823257684565797","97501358143407323966440127144180619034","17981692929703411850037101933453576666","100411870197329318159668020245683343114","266916133153934816616894693723095547233","72620665299661090786553777105959551481","100752442967219734771630433606124366883","153510441625745113859378397333592348433","98853634674639976174820865800325684617","100113028619088966629913795691503517795","120731828031679509171772923344127120656","193719223673286732451892604667719332113","20602305358253092501154351904996706101","142897976046854600682693821443153834460","110312321634199334330617817575342637977","7975892688576045777816272943930175662","137351432236416488422522880669019213142","279353175507264121385204360938060378655","245249389227804640455457493793415881433","36977975814192755218807288833662748520","225078304245087152023323443779911667112","56891955634711375775939833166626375387","131367576956654276889576731579132924199","144337443177428754306676421377877769505","59308547705863132792266739648498785134","309283656483798566330690158180026330940","77145426193304400079006714605738265141","67775504124007210695242148402150224122","3582741834064680757910451638619300223","73577379766593473207734760746304499760"]},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/jdbc/PgStatement.java"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Line","signature_version":"v1"},{"id":"CVE-2022-31197-baa50263","digest":{"threshold":0.9,"line_hashes":["92143699255779212946228525067658615793","168140435601344938777266243472699308846","10649172296696738584340933387338185724","290443886446409203842393855330802063364","299018365393766908664888246993123760693","76033354707691360529162309896766651509","55491260692853232609394615556069404504","22099932413511721340780569714454086969","30587552248947597351195671160007992596"]},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/ds/common/BaseDataSource.java"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Line","signature_version":"v1"},{"id":"CVE-2022-31197-baca0d07","digest":{"threshold":0.9,"line_hashes":["151022090880794093700866456016947747955","263180385596396118294690209236174886517","282943888634159642254371480917598622654","295865287487007703379210976724030088958","177104056823938336745259641834183692470","282051362514284971931897093924485258542","146218847278586997886924207967388927026","75567929998227787502560166354515343779","262656900491655057924163858039379651791","308345732160563273970336164667659794775","162607551928603870524942726602947395523","216375288064993237229472049108735944948","85332014372057525223218374563049409035","108885969532955348697132724049252491395","300217312983253933625831444483107875270","166953915473489614545634564328733112422","48330162709298595596753728227461348877","283248896860137568778952815198515001502","329349794990008133564425197175705518275","21225891360399318986393027904188975832","278044942758379730601599524462248068334","168062763843378343128330139608818802671","126900936408909446667673231245841201005","227600321316750731640658556752751037377","205119043599146127722454190850368909947","264224444809290058233345365955844913988","191292020399168311787104208446369386979","210412851192430037584221477907174432270","252103853453052409537972854714943138865","60532866432177411068824190546750832524","94765497653073472774830858610568004119","215970334445462810747345465365220358940","162868286569014894230420132508018908695","264584914242148494948228566253978065308","76310842590020902042320659838486865150","78886460403526902220765066983401532422","63204030558154594167335198103985293259","180981293392773841868791714747999188589","302945671693190141259795463807067741639","37761241046994861807942821590824195355"]},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/jdbc/PgPreparedStatement.java"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Line","signature_version":"v1"},{"id":"CVE-2022-31197-cd747936","digest":{"length":268,"function_hash":"11642346674277053019888578303222527136"},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/jdbc/PgStatement.java","function":"executeUpdate"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Function","signature_version":"v1"},{"id":"CVE-2022-31197-d1dac84f","digest":{"threshold":0.9,"line_hashes":["41537048879440998419184509698069882324","275828047695124194251398158241048047125","106105411051466425572554034200697554503","166431915604043295410171545867461267467"]},"deprecated":false,"target":{"file":"pgjdbc/src/test/java/org/postgresql/test/jdbc2/Jdbc2TestSuite.java"},"source":"https://github.com/pgjdbc/pgjdbc/commit/b5ee575b7d6e0918a58fe533f6c50b0c7e9f73c0","signature_type":"Line","signature_version":"v1"},{"id":"CVE-2022-31197-d228507f","digest":{"length":244,"function_hash":"47246556689491243856917506850982842637"},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/jdbc/PgStatement.java","function":"executeQuery"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Function","signature_version":"v1"},{"id":"CVE-2022-31197-d3d217b6","digest":{"length":1766,"function_hash":"234256344887207496418164968779565519747"},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/jdbc/PgResultSet.java","function":"refreshRow"},"source":"https://github.com/pgjdbc/pgjdbc/commit/b5ee575b7d6e0918a58fe533f6c50b0c7e9f73c0","signature_type":"Function","signature_version":"v1"},{"id":"CVE-2022-31197-d6917a7b","digest":{"length":173,"function_hash":"117256990690561726666535217309016828627"},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/jdbc/PgStatement.java","function":"executeLargeUpdate"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Function","signature_version":"v1"},{"id":"CVE-2022-31197-dd90472b","digest":{"length":153,"function_hash":"167297111691286081976545123571253642685"},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/jdbc/PgPreparedStatement.java","function":"executeUpdate"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Function","signature_version":"v1"},{"id":"CVE-2022-31197-e009ea78","digest":{"threshold":0.9,"line_hashes":["337319076944778557800328361243857855683","10501722933555668139502385436178072354","164823269507302173159110494838915071923","64830961399989896371022039734860148181","147359760744342791511017531070144005130","244756121016400131471824506564146776219","39741458215973882752205057422301064528","166580103900467910631245840454542340205","123372549438468989078664659969965889455","78547557799055849354799263022976341920","295180689143330274432902520423170839381","44056341025868734844134234998719801178","273416494158374015282405268575428714604"]},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/core/v3/ConnectionFactoryImpl.java"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Line","signature_version":"v1"},{"id":"CVE-2022-31197-e2a45377","digest":{"length":65,"function_hash":"338782035597922639364276971511013378241"},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/jdbc/PgStatement.java","function":"isClosed"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Function","signature_version":"v1"},{"id":"CVE-2022-31197-f14d1d39","digest":{"length":1439,"function_hash":"313349226424169876367159860079947280444"},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/core/v3/ConnectionFactoryImpl.java","function":"enableSSL"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Function","signature_version":"v1"},{"id":"CVE-2022-31197-f1b69c24","digest":{"length":91,"function_hash":"287870531560121678801357938202668578142"},"deprecated":false,"target":{"file":"pgjdbc/src/main/java/org/postgresql/ds/common/BaseDataSource.java","function":"getSslResponseTimeout"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Function","signature_version":"v1"},{"id":"CVE-2022-31197-fd9e1dc4","digest":{"length":731,"function_hash":"89425791447876065974157119549006079389"},"deprecated":false,"target":{"file":"pgjdbc/src/test/java/org/postgresql/test/jdbc2/StatementTest.java","function":"testCancelQueryWithBrokenNetwork"},"source":"https://github.com/pgjdbc/pgjdbc/commit/bd91c4cc76cdfc1ffd0322be80c85ddfe08a38c2","signature_type":"Function","signature_version":"v1"}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"}]}