| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2022-41862 |
|
|
|
2023-03-03 |
2023-04-27 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes. |
|
2 |
CVE-2022-24844 |
89 |
|
Sql |
2022-04-13 |
2023-03-01 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. The problem occurs in the following code in server/service/system/sys_auto_code_pgsql.go, which means that PostgreSQL must be used as the database for this vulnerability to occur. Users must: Require JWT login? and be using PostgreSQL to be affected. This issue has been resolved in version 2.5.1. There are no known workarounds. |
|
3 |
CVE-2022-2625 |
1321 |
|
|
2022-08-18 |
2022-12-02 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser. |
|
4 |
CVE-2022-1552 |
89 |
|
Exec Code Sql |
2022-08-31 |
2022-12-08 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not at all during the process. This flaw allows an attacker with permission to create non-temporary objects in at least one schema to execute arbitrary SQL functions under a superuser identity. |
|
5 |
CVE-2021-43767 |
295 |
|
|
2022-08-25 |
2022-08-31 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Odyssey passes to client unencrypted bytes from man-in-the-middle When Odyssey storage is configured to use the PostgreSQL server using 'trust' authentication with a 'clientcert' requirement or to use 'cert' authentication, a man-in-the-middle attacker can inject false responses to the client's first few queries. Despite the use of SSL certificate verification and encryption, Odyssey will pass these results to client as if they originated from valid server. This is similar to CVE-2021-23222 for PostgreSQL. |
|
6 |
CVE-2021-32029 |
125 |
|
|
2021-10-08 |
2022-08-05 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
A flaw was found in postgresql. Using an UPDATE ... RETURNING command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality. |
|
7 |
CVE-2021-32028 |
|
|
|
2021-10-11 |
2023-01-31 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality. |
|
8 |
CVE-2021-32027 |
119 |
|
Overflow |
2021-06-01 |
2023-01-31 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
|
9 |
CVE-2021-23222 |
522 |
|
|
2022-03-02 |
2023-01-31 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption. |
|
10 |
CVE-2021-23214 |
89 |
|
Sql |
2022-03-04 |
2023-01-31 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. |
|
11 |
CVE-2021-20229 |
863 |
|
|
2021-02-23 |
2021-06-09 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privilege on one column to craft a special query that returns all columns of the table. The highest threat from this vulnerability is to confidentiality. |
|
12 |
CVE-2021-3677 |
200 |
|
+Info |
2022-03-02 |
2023-01-31 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include max_worker_processes=0, the known versions of this attack are infeasible. However, undiscovered variants of the attack may be independent of that setting. |
|
13 |
CVE-2021-3393 |
209 |
|
+Info |
2021-04-01 |
2021-06-04 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
|
An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. A user having UPDATE permission but not SELECT permission to a particular column could craft queries which, under some circumstances, might disclose values from that column in error messages. An attacker could use this flaw to obtain information stored in a column they are allowed to write but not read. |
|
14 |
CVE-2020-25696 |
183 |
|
Exec Code |
2020-11-23 |
2020-12-15 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If an interactive psql session uses \gset when querying a compromised server, the attacker can execute arbitrary code as the operating system account running psql. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
|
15 |
CVE-2020-25695 |
89 |
|
Sql |
2020-11-16 |
2022-10-19 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
|
16 |
CVE-2020-25694 |
327 |
|
|
2020-11-16 |
2022-10-19 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters, an opportunity for a man-in-the-middle attack, or the ability to observe clear-text transmissions, could exist. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
|
17 |
CVE-2020-14350 |
426 |
|
|
2020-08-24 |
2023-01-24 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
It was found that some PostgreSQL extensions did not use search_path safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into executing a specially crafted script, during the installation or update of such extension. This affects PostgreSQL versions before 12.4, before 11.9, before 10.14, before 9.6.19, and before 9.5.23. |
|
18 |
CVE-2020-14349 |
89 |
|
Exec Code Sql |
2020-08-24 |
2023-01-24 |
4.6 |
None |
Remote |
High |
??? |
Partial |
Partial |
Partial |
|
It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058, in order to execute arbitrary SQL command in the context of the user used for replication. |
|
19 |
CVE-2020-10733 |
426 |
|
Exec Code |
2020-09-16 |
2022-01-06 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The Windows installer for PostgreSQL 9.5 - 12 invokes system-provided executables that do not have fully-qualified paths. Executables in the directory where the installer loads or the current working directory take precedence over the intended executables. An attacker having permission to add files into one of those directories can use this to execute arbitrary code with the installer's administrative rights. |
|
20 |
CVE-2020-1720 |
862 |
|
|
2020-03-17 |
2020-08-17 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function, triggers, et al., leading to database corruption. This issue affects PostgreSQL versions before 12.2, before 11.7, before 10.12 and before 9.6.17. |
|
21 |
CVE-2019-10209 |
125 |
|
|
2019-10-29 |
2020-10-01 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
|
Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan. |
|
22 |
CVE-2019-10208 |
89 |
|
Sql |
2019-10-29 |
2020-08-17 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5.x before 9.5.19, 9.6.x before 9.6.15, 10.x before 10.10 and 11.x before 11.5 where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE permission on the function, can execute arbitrary SQL as the owner of the function. |
|
23 |
CVE-2019-10164 |
787 |
|
Exec Code Overflow |
2019-06-26 |
2020-10-02 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the PostgreSQL operating system account. |
|
24 |
CVE-2019-10130 |
284 |
|
|
2019-07-30 |
2020-09-30 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
A vulnerability was found in PostgreSQL versions 11.x up to excluding 11.3, 10.x up to excluding 10.8, 9.6.x up to, excluding 9.6.13, 9.5.x up to, excluding 9.5.17. PostgreSQL maintains column statistics for tables. Certain statistics, such as histograms and lists of most common values, contain values taken from the column. PostgreSQL does not evaluate row security policies before consulting those statistics during query planning; an attacker can exploit this to read the most common values of certain columns. Affected columns are those for which the attacker has SELECT privilege and for which, in an ordinary query, row-level security prunes the set of rows visible to the attacker. |
|
25 |
CVE-2019-10129 |
125 |
|
|
2019-07-30 |
2023-02-03 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploit prerequisites are the same as for CVE-2018-1052). |
|
26 |
CVE-2019-9193 |
78 |
|
Exec Code |
2019-04-01 |
2023-04-06 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
** DISPUTED ** In PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGRAM" function allows superusers and users in the 'pg_execute_server_program' group to execute arbitrary code in the context of the database's operating system user. This functionality is enabled by default and can be abused to run arbitrary operating system commands on Windows, Linux, and macOS. NOTE: Third parties claim/state this is not an issue because PostgreSQL functionality for ‘COPY TO/FROM PROGRAM’ is acting as intended. References state that in PostgreSQL, a superuser can execute commands as the server user without using the ‘COPY FROM PROGRAM’. |
|
27 |
CVE-2018-16850 |
89 |
|
Sql |
2018-11-13 |
2023-01-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges. |
|
28 |
CVE-2018-10925 |
863 |
|
|
2018-08-09 |
2023-02-24 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
None |
|
It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed to properly check authorization on certain statements involved with "INSERT ... ON CONFLICT DO UPDATE". An attacker with "CREATE TABLE" privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain "INSERT" and limited "UPDATE" privileges to a particular table, they could exploit this to update other columns in the same table. |
|
29 |
CVE-2018-10915 |
89 |
|
Sql Bypass |
2018-08-09 |
2021-08-04 |
6.0 |
None |
Remote |
Medium |
??? |
Partial |
Partial |
Partial |
|
A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction. Postgresql versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 are affected. |
|
30 |
CVE-2018-1115 |
732 |
|
|
2018-05-10 |
2022-11-30 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack extension, the pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to it could exploit this to force log rotation. |
|
31 |
CVE-2018-1058 |
|
|
Exec Code |
2018-03-02 |
2023-01-19 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected. |
|
32 |
CVE-2018-1053 |
732 |
|
|
2018-02-09 |
2019-10-09 |
3.3 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
None |
|
In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7 and 10.x before 10.2, pg_upgrade creates file in current working directory containing the output of `pg_dumpall -g` under umask which was in effect when the user invoked pg_upgrade, and not under 0077 which is normally used for other temporary files. This can allow an authenticated attacker to read or modify the one file, which may contain encrypted or unencrypted database passwords. The attack is infeasible if a directory mode blocks the attacker searching the current working directory or if the prevailing umask blocks the attacker opening the file. |
|
33 |
CVE-2018-1052 |
200 |
|
+Info |
2018-02-09 |
2019-10-09 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
Memory disclosure vulnerability in table partitioning was found in postgresql 10.x before 10.2, allowing an authenticated attacker to read arbitrary bytes of server memory via purpose-crafted insert to a partitioned table. |
|
34 |
CVE-2017-15099 |
200 |
|
Bypass +Info |
2017-11-22 |
2018-08-28 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
INSERT ... ON CONFLICT DO UPDATE commands in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, and 9.5.x before 9.5.10 disclose table contents that the invoker lacks privilege to read. These exploits affect only tables where the attacker lacks full read access but has both INSERT and UPDATE privileges. Exploits bypass row level security policies and lack of SELECT privilege. |
|
35 |
CVE-2017-15098 |
200 |
|
+Info |
2017-11-22 |
2018-08-28 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
None |
Partial |
|
Invalid json_populate_recordset or jsonb_populate_recordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, and 9.3.x before 9.3.20 can crash the server or disclose a few bytes of server memory. |
|
36 |
CVE-2017-14798 |
362 |
|
|
2018-03-01 |
2019-10-03 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root. |
|
37 |
CVE-2017-12172 |
59 |
|
|
2017-11-22 |
2019-10-09 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24 runs under a non-root operating system account, and database superusers have effective ability to run arbitrary code under that system account. PostgreSQL provides a script for starting the database server during system boot. Packages of PostgreSQL for many operating systems provide their own, packager-authored startup implementations. Several implementations use a log file name that the database superuser can replace with a symbolic link. As root, they open(), chmod() and/or chown() this log file name. This often suffices for the database superuser to escalate to root privileges when root starts the server. |
|
38 |
CVE-2017-8806 |
59 |
|
DoS |
2017-11-13 |
2017-12-08 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
The Debian pg_ctlcluster, pg_createcluster, and pg_upgradecluster scripts, as distributed in the Debian postgresql-common package before 181+deb9u1 for PostgreSQL (and other packages related to Debian and Ubuntu), handled symbolic links insecurely, which could result in local denial of service by overwriting arbitrary files. |
|
39 |
CVE-2017-7548 |
|
|
DoS |
2017-08-16 |
2023-05-16 |
4.0 |
None |
Remote |
Low |
??? |
None |
Partial |
None |
|
PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers with no privileges on a large object to overwrite the entire contents of the object, resulting in a denial of service. |
|
40 |
CVE-2017-7547 |
|
|
|
2017-08-16 |
2019-10-03 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers to retrieve passwords from the user mappings defined by the foreign server owners without actually having the privileges to do so. |
|
41 |
CVE-2017-7546 |
287 |
|
|
2017-08-16 |
2019-10-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allowing remote attackers to gain access to database accounts with an empty password. |
|
42 |
CVE-2017-7486 |
200 |
|
+Info |
2017-05-12 |
2018-01-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server. |
|
43 |
CVE-2017-7485 |
311 |
|
|
2017-05-12 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
In PostgreSQL 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3, it was found that the PGREQUIRESSL environment variable was no longer enforcing a SSL/TLS connection to a PostgreSQL server. An active Man-in-the-Middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a client and a server. |
|
44 |
CVE-2017-7484 |
200 |
|
+Info |
2017-05-12 |
2018-01-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access. |
|
45 |
CVE-2016-7048 |
284 |
|
Exec Code |
2018-08-20 |
2023-01-19 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The interactive installer in PostgreSQL before 9.3.15, 9.4.x before 9.4.10, and 9.5.x before 9.5.5 might allow remote attackers to execute arbitrary code by leveraging use of HTTP to download software. |
|
46 |
CVE-2016-5424 |
94 |
|
+Priv |
2016-12-09 |
2018-01-05 |
4.6 |
None |
Remote |
High |
??? |
Partial |
Partial |
Partial |
|
PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain superuser privileges via a (1) " (double quote), (2) \ (backslash), (3) carriage return, or (4) newline character in a (a) database or (b) role name that is mishandled during an administrative operation. |
|
47 |
CVE-2016-5423 |
476 |
|
DoS Exec Code +Info |
2016-12-09 |
2018-01-05 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference and server crash), obtain sensitive memory information, or possibly execute arbitrary code via (1) a CASE expression within the test value subexpression of another CASE or (2) inlining of an SQL function that implements the equality operator used for a CASE expression involving values of different types. |
|
48 |
CVE-2016-3065 |
264 |
|
DoS Bypass +Info |
2016-04-11 |
2016-04-14 |
8.5 |
None |
Remote |
Low |
Not required |
Partial |
None |
Complete |
|
The (1) brin_page_type and (2) brin_metapage_info functions in the pageinspect extension in PostgreSQL before 9.5.x before 9.5.2 allows attackers to bypass intended access restrictions and consequently obtain sensitive server memory information or cause a denial of service (server crash) via a crafted bytea value in a BRIN index page. |
|
49 |
CVE-2016-2193 |
254 |
|
Bypass |
2016-04-11 |
2017-09-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
PostgreSQL before 9.5.x before 9.5.2 does not properly maintain row-security status in cached plans, which might allow attackers to bypass intended access restrictions by leveraging a session that performs queries as more than one role. |
|
50 |
CVE-2016-0773 |
119 |
|
DoS Overflow |
2016-02-17 |
2017-12-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a regular expression. |
