Latest Postgresql Vulnerabilities

pgjdbc SQL Injection via line comment generation
maven/org.postgresql:postgresql>=42.7.0<42.7.2
maven/org.postgresql:postgresql>=42.6.0<42.6.1
maven/org.postgresql:postgresql>=42.5.0<42.5.5
maven/org.postgresql:postgresql>=42.4.0<42.4.4
maven/org.postgresql:postgresql>=42.3.0<42.3.9
maven/org.postgresql:postgresql<42.2.28
and 22 more
Supabase PostgreSQL v15.1 was discovered to contain a SQL injection vulnerability via the component /pg_meta/default/query. NOTE: the vendor's position is that this is an intended feature; also, it ex...
=15.1
PostgreSQL non-owner REFRESH MATERIALIZED VIEW CONCURRENTLY executes arbitrary SQL
PostgreSQL PostgreSQL>=12.0<12.18
PostgreSQL PostgreSQL>=13.0<13.14
PostgreSQL PostgreSQL>=14.0<14.11
PostgreSQL PostgreSQL>=15.0<15.6
redhat/postgresql<12.18
redhat/postgresql<13.14
and 15 more
Postgresql: role pg_signal_backend can signal certain superuser processes.
ubuntu/postgresql-14<14.10-0ubuntu0.22.04.1
ubuntu/postgresql-14<14.10
ubuntu/postgresql-12<12.17-0ubuntu0.20.04.1
ubuntu/postgresql-12<12.17
ubuntu/postgresql-10<10.23-0ubuntu0.18.04.2+
ubuntu/postgresql-9.5<9.5.25-0ubuntu0.16.04.1+
and 56 more
Postgresql: buffer overrun from integer overflow in array modification
ubuntu/postgresql-14<14.10
ubuntu/postgresql-14<14.10-0ubuntu0.22.04.1
ubuntu/postgresql-12<12.17-0ubuntu0.20.04.1
ubuntu/postgresql-12<12.17
ubuntu/postgresql-10<10.23-0ubuntu0.18.04.2+
ubuntu/postgresql-9.5<9.5.25-0ubuntu0.16.04.1+
and 63 more
Postgresql: memory disclosure in aggregate function calls
ubuntu/postgresql-14<14.10-0ubuntu0.22.04.1
ubuntu/postgresql-14<14.10
ubuntu/postgresql-12<12.17-0ubuntu0.20.04.1
ubuntu/postgresql-12<12.17
ubuntu/postgresql-10<10.23-0ubuntu0.18.04.2+
ubuntu/postgresql-15<15.5
and 55 more
** DISPUTED ** An issue was discovered in PostgreSQL 12.2 allows attackers to cause a denial of service via repeatedly sending SIGHUP signals. NOTE: this is disputed by the vendor because untrusted us...
PostgreSQL PostgreSQL=12.2
=12.2
Postgresql: extension script @substitutions@ within quoting allow sql injection
ubuntu/postgresql-14<14.9-0ubuntu0.22.04.1
ubuntu/postgresql-12<12.16-0ubuntu0.20.04.1
ubuntu/postgresql-9.5<9.5.25-0ubuntu0.16.04.1+
ubuntu/postgresql-15<15.4-1
ubuntu/postgresql-15<15.4-0ubuntu0.23.04.1
ubuntu/postgresql-15<15.4-1ubuntu1
and 19 more
Postgresql: merge fails to enforce update or select row security policies
ubuntu/postgresql-15<15.4-1
ubuntu/postgresql-15<15.4-0ubuntu0.23.04.1
ubuntu/postgresql-15<15.4-1ubuntu1
redhat/postgresql<15.4
PostgreSQL PostgreSQL>=15.0<15.4
Redhat Enterprise Linux=8.0
and 5 more
aiven-extras is a PostgreSQL extension. Versions prior to 1.1.9 contain a privilege escalation vulnerability, allowing elevation to superuser inside PostgreSQL databases that use the aiven-extras pack...
Aiven Aiven<1.1.9
PostgreSQL PostgreSQL>=10.0<=10.22
PostgreSQL PostgreSQL>=11.0<=11.7
PostgreSQL PostgreSQL>=12.0<=12.12
PostgreSQL PostgreSQL>=13.0<=13.8
PostgreSQL PostgreSQL>=14.0<=14.5
and 6 more
CVE-2023-2455: Row security policies disregard user ID changes after inlining. Versions Affected: 11 - 15. This problem is quite old. While <a href="https://access.redhat.com/security/cve/CVE-2016-2...
redhat/PostgreSQL<15.3
redhat/PostgreSQL<14.8
redhat/PostgreSQL<13.11
redhat/PostgreSQL<12.15
redhat/PostgreSQL<11.20
PostgreSQL PostgreSQL>=11.0<11.20
and 16 more
CVE-2023-2454: CREATE SCHEMA ... schema_element defeats protective search_path changes. Versions Affected: 11 - 15. This problem is quite old. This enabled an attacker having database-level CREATE p...
redhat/PostgreSQL<15.3
redhat/PostgreSQL<14.8
redhat/PostgreSQL<13.11
redhat/PostgreSQL<12.15
redhat/PostgreSQL<11.20
PostgreSQL PostgreSQL>=11.0<11.20
and 17 more
A modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. When a libpq client application has a Kerberos credential cache and doesn'...
redhat/postgresql<5.2
redhat/postgresql<14.7
redhat/postgresql<13.10
redhat/postgresql<12.14
redhat/postgresql<11.19
IBM Cloud Pak for Business Automation<=V23.0.1 - V23.0.1-IF001
and 11 more
The pgAdmin server includes an HTTP API that is intended to be used to validate the path a user selects to external PostgreSQL utilities such as pg_dump and pg_restore. The utility is executed by the ...
Postgresql Pgadmin<6.17
Fedoraproject Fedora=37
TemporaryFolder on unix-like systems does not limit access to created files in pgjdbc
redhat/postgresql-jdbc<0:42.2.14-2.el8
redhat/postgresql-jdbc<0:42.2.27-1.el9
redhat/candlepin<0:4.1.20-1.el8
redhat/candlepin<0:4.2.13-1.el8
Postgresql Postgresql Jdbc Driver>=42.2.0<42.2.27
Postgresql Postgresql Jdbc Driver>=42.3.0<42.3.8
and 16 more
Odyssey passes to client unencrypted bytes from man-in-the-middle When Odyssey storage is configured to use the PostgreSQL server using 'trust' authentication with a 'clientcert' requirement or to use...
PostgreSQL PostgreSQL>=9.6.0<9.6.24
PostgreSQL PostgreSQL>=10.0<10.19
PostgreSQL PostgreSQL>=11.0<11.14
PostgreSQL PostgreSQL>=12.0<12.9
PostgreSQL PostgreSQL>=13.0<13.5
PostgreSQL PostgreSQL=14.0
### Impact _What kind of vulnerability is it? Who is impacted?_ The PGJDBC implementation of the `java.sql.ResultRow.refreshRow()` method is not performing escaping of column names so a malicious col...
redhat/postgresql-jdbc<42.2.26
redhat/postgresql-jdbc<42.3.7
redhat/postgresql-jdbc<42.4.1
redhat/postgresql-jdbc<0:42.2.18-6.el9_1
Postgresql Postgresql Jdbc Driver<42.2.26
Postgresql Postgresql Jdbc Driver>=42.3.0<42.3.7
and 10 more
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an...
redhat/postgresql<14.5
redhat/postgresql<13.8
redhat/postgresql<12.12
redhat/postgresql<11.17
redhat/postgresql<10.22
PostgreSQL PostgreSQL>=10.0<10.22
and 11 more
A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH...
redhat/postgresql<14.3
redhat/postgresql<13.7
redhat/postgresql<12.11
redhat/postgresql<11.16
redhat/postgresql<10.21
PostgreSQL PostgreSQL>=10.0<10.21
and 4 more
Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. The problem occurs in the following code in server/service/system/sys_auto_co...
Gin-vue-admin Project Gin-vue-admin<2.5.1
PostgreSQL PostgreSQL
Vulnerable versions: All prior to v6.7. When run in server mode, pgAdmin 4 allows users to store files on the server under individual storage directories. Files such as SQL scripts may be uploaded th...
redhat/pgadmin<6.7
Postgresql Pgadmin 4<6.7
** DISPUTED ** In pgjdbc before 42.3.3, an attacker (who controls the jdbc URL or properties) can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel ...
maven/org.postgresql:postgresql>=42.1.0<42.3.3
debian/libpgjava
Postgresql Postgresql Jdbc Driver>=42.1.0<=42.1.4
Postgresql Postgresql Jdbc Driver>=42.3.0<42.3.3
Debian Debian Linux=10.0
Debian Debian Linux=11.0
and 4 more
PostgreSQL JDBC Driver (PgJDBC) could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unchecked class instantiation when providing plugin classes. By sendin...
IBM Disconnected Log Collector<=v1.0 - v1.8.2
Postgresql Postgresql Jdbc Driver<42.2.25
Postgresql Postgresql Jdbc Driver>=42.3.0<42.3.2
Postgresql Postgresql Jdbc Driver=42.3.2-rc1
Fedoraproject Fedora=35
Quarkus Quarkus<2.7.2
and 4 more
PostgreSQL is vulnerable to a man-in-the-middle attack, caused by improper validation of user-supplied input by libpq. A remote attacker could exploit this vulnerability to launch a man-in-the-middle ...
IBM Spectrum Protect Plus<=10.1.0.0-10.1.9.2
redhat/postgresql<9.6.24
redhat/postgresql<10.19
redhat/postgresql<11.14
redhat/postgresql<12.9
redhat/postgresql<13.5
and 7 more
PostgreSQL is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements when the server is configured to use trust authentication with a clientcert requirement or to u...
IBM QRadar SIEM<=7.5.0 GA
IBM QRadar SIEM<=7.4.3 GA - 7.4.3 FP4
IBM QRadar SIEM<=7.3.3 GA - 7.3.3 FP10
redhat/postgresql<9.6.24
redhat/postgresql<10.19
redhat/postgresql<11.14
and 15 more
A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The a...
redhat/postgresql<13.4
redhat/postgresql<12.8
redhat/postgresql<11.13
PostgreSQL PostgreSQL>=11.0<11.13
PostgreSQL PostgreSQL>=12.0<12.8
PostgreSQL PostgreSQL>=13.0<13.4
and 7 more
PostgreSQL could allow a remote authenticated attacker to obtain sensitive information, caused by an error when using an UPDATE…RETURNING command on a purpose-crafted table. An attacker could exploit ...
IBM Security Verify Access<=10.0.0
redhat/postgresql<13.3
redhat/postgresql<12.7
redhat/postgresql<11.12
PostgreSQL PostgreSQL>=11.0<11.12
PostgreSQL PostgreSQL>=12.0<12.7
and 2 more
PostgreSQL could allow a remote authenticated attacker to obtain sensitive information, caused by a memory disclosure vulnerability when using an INSERT … ON CONFLICT … DO UPDATE command on a purpose-...
IBM Security Verify Access<=10.0.0
redhat/postgresql<13.3
redhat/postgresql<12.7
redhat/postgresql<11.12
redhat/postgresql<10.17
redhat/postgresql<9.6.22
and 5 more
PostgreSQL could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an integer overflow while modifying certain SQL array values. By sending a specially-crafted r...
IBM Security Verify Access<=10.0.0
redhat/postgresql<13.3
redhat/postgresql<12.7
redhat/postgresql<11.12
redhat/postgresql<10.17
redhat/postgresql<9.6.22
and 9 more
A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privilege on one column to craft a special query that returns all columns of the table. The highest threat f...
redhat/postgresql<13.2
PostgreSQL PostgreSQL>=13.0<13.2
Redhat Software Collections
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Fedoraproject Fedora=33
PostgreSQL could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw in the error messages. By sending a specially-crafted query, an attacker could exploit this vul...
IBM Security Verify Governance<=10.0
redhat/postgresql<13.2
redhat/postgresql<12.6
redhat/postgresql<11.11
PostgreSQL PostgreSQL<11.11
PostgreSQL PostgreSQL>=12.0<12.6
and 3 more
A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If an interactive psql session uses \...
redhat/libpq<0:12.5-1.el8_3
redhat/libpq<0:12.5-1.el8_0
redhat/libpq<0:12.5-2.el8_1
redhat/libpq<0:12.5-1.el8_2
redhat/rh-postgresql10-postgresql<0:10.15-1.el7
redhat/rh-postgresql12-postgresql<0:12.5-1.el7
and 13 more
A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least...
redhat/postgresql<0:9.2.24-6.el7_9
redhat/rh-postgresql10-postgresql<0:10.15-1.el7
redhat/rh-postgresql12-postgresql<0:12.5-1.el7
redhat/postgresql<13.1
redhat/postgresql<12.5
redhat/postgresql<11.10
and 10 more
A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that creates additional database connections only...
redhat/postgresql<0:9.2.24-6.el7_9
redhat/libpq<0:12.5-1.el8_3
redhat/libpq<0:12.5-1.el8_0
redhat/libpq<0:12.5-2.el8_1
redhat/libpq<0:12.5-1.el8_2
redhat/rh-postgresql10-postgresql<0:10.15-1.el7
and 14 more
The Windows installer for PostgreSQL 9.5 - 12 invokes system-provided executables that do not have fully-qualified paths. Executables in the directory where the installer loads or the current working ...
PostgreSQL PostgreSQL>=9.5<9.5.22
PostgreSQL PostgreSQL>=9.6<9.6.18
PostgreSQL PostgreSQL>=10.0<10.13
PostgreSQL PostgreSQL>=11.0<11.8
PostgreSQL PostgreSQL>=12.0<12.3
It was found that some PostgreSQL extensions did not use search_path safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into exec...
redhat/rh-postgresql96-postgresql<0:9.6.19-1.el7
redhat/rh-postgresql10-postgresql<0:10.14-1.el7
redhat/rh-postgresql12-postgresql<0:12.4-1.el7
redhat/rhvm-appliance<0:4.4-20210310.0.el8e
redhat/postgresql<12.4
redhat/postgresql<11.9
and 22 more
It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in a...
redhat/rh-postgresql10-postgresql<0:10.14-1.el7
redhat/rh-postgresql12-postgresql<0:12.4-1.el7
redhat/rhvm-appliance<0:4.4-20210310.0.el8e
redhat/postgresql<12.4
redhat/postgresql<11.9
redhat/postgresql<10.14
and 11 more
PostgreSQL JDBC Driver could allow a remote authenticated attacker to obtain sensitive information, caused by an XML external entity (XXE) error when processing XML data. By sending specially crafted ...
IBM ISAM<=9.0.7
IBM Security Verify Access<=10.0.0
Postgresql Postgresql Jdbc Driver<42.2.13
Quarkus Quarkus<=1.5.2
Netapp Steelstore Cloud Integrated Storage
Fedoraproject Fedora=32
and 8 more
A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to p...
redhat/rh-postgresql10-postgresql<0:10.12-2.el7
redhat/rh-postgresql96-postgresql<0:9.6.19-1.el7
redhat/rh-postgresql12-postgresql<0:12.4-1.el7
IBM Data Risk Manager<=2.0.6
redhat/PostgreSQL<12.2
redhat/PostgreSQL<11.7
and 9 more
Stack-based buffer overflow in the *printf function implementations in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1, when running on a...
PostgreSQL PostgreSQL<9.0.19
PostgreSQL PostgreSQL>=9.1.0<9.1.15
PostgreSQL PostgreSQL>=9.2.0<9.2.10
PostgreSQL PostgreSQL>=9.3.0<9.3.6
PostgreSQL PostgreSQL>=9.4.0<9.4.1
Microsoft Windows
and 2 more
PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to obtain sensitive column values by triggering constra...
PostgreSQL PostgreSQL<9.0.19
PostgreSQL PostgreSQL>=9.1.0<9.1.15
PostgreSQL PostgreSQL>=9.2.0<9.2.10
PostgreSQL PostgreSQL>=9.3.0<9.3.6
PostgreSQL PostgreSQL>=9.4.0<9.4.1
Debian Debian Linux=7.0
and 1 more
The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to cause a denial of service (c...
PostgreSQL PostgreSQL<9.0.19
PostgreSQL PostgreSQL>=9.1.0<9.1.15
PostgreSQL PostgreSQL>=9.2.0<9.2.10
PostgreSQL PostgreSQL>=9.3.0<9.3.6
PostgreSQL PostgreSQL>=9.4.0<9.4.1
Debian Debian Linux=7.0
and 1 more
Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allow remote authenticated users to caus...
PostgreSQL PostgreSQL<9.0.19
PostgreSQL PostgreSQL>=9.1.0<9.1.15
PostgreSQL PostgreSQL>=9.2.0<9.2.10
PostgreSQL PostgreSQL>=9.3.0<9.3.6
PostgreSQL PostgreSQL>=9.4.0<9.4.1
Debian Debian Linux=7.0
and 1 more
PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote att...
PostgreSQL PostgreSQL<9.0.19
PostgreSQL PostgreSQL>=9.1.0<9.1.15
PostgreSQL PostgreSQL>=9.2.0<9.2.10
PostgreSQL PostgreSQL>=9.3.0<9.3.6
PostgreSQL PostgreSQL>=9.4.0<9.4.1
Debian Debian Linux=7.0
and 1 more
The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows ...
PostgreSQL PostgreSQL<9.0.20
PostgreSQL PostgreSQL>=9.1<9.1.16
PostgreSQL PostgreSQL>=9.2<9.2.11
PostgreSQL PostgreSQL>=9.3<9.3.7
PostgreSQL PostgreSQL>=9.4<9.4.2
Debian Debian Linux=7.0
and 6 more
contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which m...
PostgreSQL PostgreSQL<9.0.20
PostgreSQL PostgreSQL>=9.1<9.1.16
PostgreSQL PostgreSQL>=9.2<9.2.11
PostgreSQL PostgreSQL>=9.3<9.3.7
PostgreSQL PostgreSQL>=9.4<9.4.2
Debian Debian Linux=7.0
and 6 more
The pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation.
Postgresql Postgresql-common<210
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.04
Canonical Ubuntu Linux=19.10
Debian Debian Linux=9.0
and 8 more
Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via bundled OpenSSL executing code from unprotected directory.
PostgreSQL PostgreSQL<9.4.24
PostgreSQL PostgreSQL>=9.5.0<9.5.19
PostgreSQL PostgreSQL>=9.6.0<9.6.15
PostgreSQL PostgreSQL>=10.0<10.10
PostgreSQL PostgreSQL>=11.0<11.5
Microsoft Windows
Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan.
PostgreSQL PostgreSQL>=11.0<11.5
Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via superuser writing password to unprotected temporary file.
PostgreSQL PostgreSQL<9.4.24
PostgreSQL PostgreSQL>=9.5.0<9.5.19
PostgreSQL PostgreSQL>=9.6.0<9.6.15
PostgreSQL PostgreSQL>=10.0<10.10
PostgreSQL PostgreSQL>=11.0<11.5
Microsoft Windows

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203