Impact of CVE-2009-2943 and CVE-2026-42198 on Carbon Black EDR (CB EDR)
CVE-2009-2943
The vulnerability affects the postgresql-ocaml bindings 1.5.4, 1.7.0, and 1.12.1 for PostgreSQL libpq.
https://nvd.nist.gov/vuln/detail/CVE-2009-2943
CVE-2026-42198
The vulnerability affects the pgjdbc driver from version 42.2.0 up to, but not including, 42.7.11.
https://nvd.nist.gov/vuln/detail/CVE-2026-42198
CB EDR server version: 7.9.x
Below is the assessment:
CVE-2009-2943: No impact. The vulnerable components are not used in our codebase.
CVE-2026-42198: Although the CB EDR server uses an affected version of the pgjdbc driver, the vulnerability is not exploitable in our environment because the server connects only to a trusted, internal database.