Severity by source
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network vector but AC:H because a pre-existing TLS MITM position and a specific certificate signature algorithm are required; impact is loss of authentication integrity (I:H) with no direct confidentiality or availability loss.
Primary rating from Vendor (GitHub_M).
CVSS VectorVendor: GitHub_M
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
pgjdbc is an open source postgresql JDBC Driver. In releases 42.7.4 through 42.7.11, channelBinding=require connections can be silently downgraded from SCRAM-SHA-256-PLUS with channel binding to plain SCRAM-SHA-256 without it, losing the man-in-the-middle protection the setting is meant to guarantee. An attacker who can intercept the TLS connection can trigger the downgrade with a certificate whose signature algorithm has no tls-server-end-point channel-binding hash, because the bundled com.ongres.scram:scram-client returns an empty byte array instead of failing and pgJDBC ScramAuthenticator checks only that the server advertised a PLUS mechanism, without rejecting the empty binding or checking that the negotiated mechanism uses channel binding. This issue is fixed in version 42.7.12.
Articles & Coverage 1
AnalysisAI
Channel-binding downgrade in the pgjdbc PostgreSQL JDBC Driver (releases 42.7.4 through 42.7.11) lets an active man-in-the-middle silently strip SCRAM-SHA-256-PLUS channel binding down to plain SCRAM-SHA-256 even when the client explicitly set channelBinding=require, defeating the exact protection that setting promises. The flaw stems from the bundled com.ongres.scram:scram-client returning an empty binding for certificates whose signature algorithm lacks a tls-server-end-point hash, combined with pgJDBC's ScramAuthenticator failing to reject that empty binding. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the client to be configured with channelBinding=require (the setting whose protection is being defeated) and an attacker who already holds an active man-in-the-middle position on the TLS connection between the application and PostgreSQL. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 vector (AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N, base 8.2) captures the practical reality well: exploitation is network-based and needs no privileges or user interaction, but carries high attack complexity (AC:H) and an explicit attack requirement (AT:P) - the attacker must already hold an active man-in-the-middle position on the TLS path and control (or induce) a server certificate using a signature algorithm lacking a tls-server-end-point hash. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker positioned to intercept the TLS traffic between a Java application and its PostgreSQL server (e.g., a compromised network segment or rogue proxy) presents a server certificate whose signature algorithm produces no tls-server-end-point channel-binding hash. Because scram-client returns an empty binding and pgJDBC accepts it, the connection negotiated with channelBinding=require silently falls back to plain SCRAM-SHA-256, and the attacker completes a full man-in-the-middle relay of the authenticated session. … |
| Remediation | Vendor-released patch: 42.7.12 - upgrade the pgjdbc driver dependency to 42.7.12 or later, which also pulls the corrected com.ongres.scram:scram-client (release 3.3) so empty channel-binding data is rejected rather than accepted. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Inventory applications and systems running pgjdbc to identify those on versions 42.7.4-42.7.11. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in PostgreSQL
View allPostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() improperl
An issue was discovered in Appsmith before 1.52. Rated critical severity (CVSS 9.8), this vulnerability is remotely expl
Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows re
Unauthenticated arbitrary file write in Splunk Enterprise (below 10.2.4 and 10.0.7) and Splunk Cloud Platform (below 10.
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allow
The build_tablename function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP through 5.6.7 does not validate t
A vulnerability in the h2oai/h2o-3 REST API versions 3.46.0.4 allows unauthenticated remote attackers to execute arbitra
In PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGRAM" function allows superusers and users in the 'pg_execute_serve
## Summary An unauthenticated SQL injection vulnerability exists in the Vendure Shop API. A user-controlled query strin
Parse Server is an open source http web server backend. Rated critical severity (CVSS 10.0), this vulnerability is remot
Hard-coded default PostgreSQL credentials shipped in the docker-compose.yaml of langgenius Dify through version 1.5.1 al
A vulnerability in the FinanceChatLlamaPack of the run-llama/llama_index repository, versions up to v0.12.3, allows for
Same weakness CWE-636 – Not Failing Securely ('Failing Open')
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-41903