Buffer Overflow The advisory has been revoked - it doesn't affect any version of package postgresql-jdbc-javadoc  (opens in a new tab)


Threat Intelligence

Social Trends
EPSS
0.46% (37th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-RHEL8-POSTGRESQLJDBCJAVADOC-17158016
  • published4 Jun 2026
  • disclosed14 May 2026

Introduced: 14 May 2026

CVE-2026-6477  (opens in a new tab)
CWE-120  (opens in a new tab)

Amendment

The Red Hat security team deemed this advisory irrelevant for RHEL:8.

NVD Description

Note: Versions mentioned in the description apply only to the upstream postgresql-jdbc-javadoc package and not the postgresql-jdbc-javadoc package as distributed by RHEL.

Use of inherently dangerous function PQfn(..., result_is_int=0, ...) in PostgreSQL libpq lo_export(), lo_read(), lo_lseek64(), and lo_tell64() functions allows the server superuser to overwrite a client stack buffer with an arbitrarily-large response. Like gets(), PQfn(..., result_is_int=0, ...) stores arbitrary-length, server-determined data into a buffer of unspecified size. Because both the \lo_export command in psql and pg_dump call lo_read(), the server superuser can overwrite pg_dump or psql stack memory. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.