Posted on

PgBouncer up to 1.5.4 Password Packet src/client.c NULL Pointer Dereference denial of service

A vulnerability was found in PgBouncer up to 1.5.4. It has been rated as problematic. This issue affects an unknown functionality of the file src/client.c of the component Password Packet Handler. Upgrading to version 1.5.5 eliminates this vulnerability. A possible mitigation has been published before and not just after the disclosure of the vulnerability.