CVE-2024-45624

Published: Sep 12, 2024

Modified: Nov 3, 2025

PUBLISHED

Description

Exposure of sensitive information due to incompatible policies issue exists in Pgpool-II. If a database user accesses a query cache, table data unauthorized for the user may be retrieved.

Vendor	Product	Versions
PgPool Global Development Group	Pgpool-II	affected `All versions of 3.2 series`
PgPool Global Development Group	Pgpool-II	affected `4.5.0 to 4.5.3 (4.5 series)`
PgPool Global Development Group	Pgpool-II	affected `4.4.0 to 4.4.8 (4.4 series)`
PgPool Global Development Group	Pgpool-II	affected `4.3.0 to 4.3.11 (4.3 series)`
PgPool Global Development Group	Pgpool-II	affected `4.2.0 to 4.2.18 (4.2 series)`
PgPool Global Development Group	Pgpool-II	affected `4.1.0 to 4.1.21 (4.1 series)`
PgPool Global Development Group	Pgpool-II	affected `All versions of 4.0 series`
PgPool Global Development Group	Pgpool-II	affected `All versions of 3.7 series`
PgPool Global Development Group	Pgpool-II	affected `All versions of 3.6 series`
PgPool Global Development Group	Pgpool-II	affected `All versions of 3.5 series`
PgPool Global Development Group	Pgpool-II	affected `All versions of 3.4 series`
PgPool Global Development Group	Pgpool-II	affected `All versions of 3.3 series`

References

https://www.pgpool.net/mediawiki/index.php/Main_Page#News

https://jvn.jp/en/jp/JVN67456481/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-45624

Description

Affected Products

References