CVE-2017-7546 - log back

CVE-2017-7546 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Authentication bypass
Description
+ It was found that authenticating to a PostgreSQL database account with an empty password was possible despite libpq's refusal to send an empty password. A remote attacker could potentially use this flaw to gain access to database accounts with empty passwords.
References
+ https://www.postgresql.org/about/news/1772/
+ https://github.com/postgres/postgres/commit/d5d46d99ba47f
Notes