Harutokimura For

Rank: #12575 of 53,630 · Total CVSS: 21.6 · Vulnerabilities: 3 (Medium: 1, High: 1, Critical: 1)
PT-2026-39227 · CVSS 9.8 · 2026-05-08 · Pgbouncer · Pgbouncer · CVE-2026-6665

**Name of the Vulnerable Software and Affected Versions** PgBouncer versions prior to 1.25.2

**Description** The SCRAM code fails to correctly check the return value of the `strlcat()` function when constructing the SCRAM client-final-message. A malicious backend can trigger a stack overflow by sending a SCRAM server-final-message containing a long nonce.

**Recommendations** Update to version 1.25.2 or later.
PT-2026-39228 · CVSS 7.5 · 2026-05-08 · Pgbouncer · Pgbouncer · CVE-2026-6666

**Name of the Vulnerable Software and Affected Versions** PgBouncer versions prior to 1.25.2

**Description** A null pointer dereference can occur in the `kill_pool_logins_server_error()` function if a server sends an error response that lacks the SQLSTATE field, potentially leading to a crash.

**Recommendations** Update to version 1.25.2 or later.
PT-2026-39229 · CVSS 4.3 · 2026-05-08 · Pgbouncer · Pgbouncer · CVE-2026-6667

**Name of the Vulnerable Software and Affected Versions** PgBouncer versions prior to 1.25.2

**Description** An improper authorization check exists for the 'KILL CLIENT' admin command. Any user with access to the administration console can execute this command, whereas it should be restricted exclusively to users defined in the `admin_users` parameter.

**Recommendations** Update to version 1.25.2 or later.