If PostgreSQL is configured with LDAP authentication, and your LDAP configuration allows anonymous binds, it is possible for a user to authenticate themselves with an empty password.
For more information about PostgreSQL versioning,
please visit the versioning page.
Reporting Security Vulnerabilities
If you wish to report a new security vulnerability in PostgreSQL, please
send an email to
For reporting non-security bugs, please see the Report a Bug page.