Search CVE reports
21 – 25 of 25 results
Some fixes available 5 of 7
Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then...
8 affected packages
postgresql, postgresql-10, postgresql-12, postgresql-14, postgresql-15...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| postgresql | Not in release | Not in release | Not in release | Not in release |
| postgresql-10 | Not in release | Not in release | Not in release | Fixed |
| postgresql-12 | Not in release | Not in release | Fixed | Not in release |
| postgresql-14 | Not in release | Fixed | Not in release | Not in release |
| postgresql-15 | Not in release | Not in release | Not in release | Not in release |
| postgresql-9.1 | Not in release | Not in release | Not in release | Not in release |
| postgresql-9.3 | Not in release | Not in release | Not in release | Not in release |
| postgresql-9.5 | Not in release | Not in release | Not in release | Not in release |
Some fixes available 6 of 7
schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code.
8 affected packages
postgresql, postgresql-10, postgresql-12, postgresql-14, postgresql-15...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| postgresql | Not in release | Not in release | Not in release | Not in release |
| postgresql-10 | Not in release | Not in release | Not in release | Fixed |
| postgresql-12 | Not in release | Not in release | Fixed | Not in release |
| postgresql-14 | Not in release | Fixed | Not in release | Not in release |
| postgresql-15 | Not in release | Not in release | Not in release | Not in release |
| postgresql-9.1 | Not in release | Not in release | Not in release | Not in release |
| postgresql-9.3 | Not in release | Not in release | Not in release | Not in release |
| postgresql-9.5 | Not in release | Not in release | Not in release | Not in release |
In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error...
6 affected packages
postgresql-12, postgresql-14, postgresql-9.1, postgresql-9.3, postgresql-9.5, postgresql-10
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| postgresql-12 | — | Not in release | Fixed | Not in release |
| postgresql-14 | — | Fixed | Not in release | Not in release |
| postgresql-9.1 | — | Not in release | Not in release | Not in release |
| postgresql-9.3 | — | Not in release | Not in release | Not in release |
| postgresql-9.5 | — | Not in release | Not in release | Not in release |
| postgresql-10 | — | Not in release | Not in release | Not affected |
Some fixes available 3 of 5
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in...
7 affected packages
postgresql-10, postgresql-12, postgresql-13, postgresql-14, postgresql-9.1...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| postgresql-10 | Not in release | Not in release | Not in release | Fixed |
| postgresql-12 | Not in release | Not in release | Fixed | Not in release |
| postgresql-13 | Not in release | Not in release | Not in release | Not in release |
| postgresql-14 | Not in release | Fixed | Not in release | Not in release |
| postgresql-9.1 | Not in release | Not in release | Not in release | Not in release |
| postgresql-9.3 | Not in release | Not in release | Not in release | Not in release |
| postgresql-9.5 | Not in release | Not in release | Not in release | Not in release |
Some fixes available 5 of 6
A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER,...
7 affected packages
postgresql-10, postgresql-12, postgresql-13, postgresql-14, postgresql-9.1...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| postgresql-10 | Not in release | Not in release | Not in release | Fixed |
| postgresql-12 | Not in release | Not in release | Fixed | Not in release |
| postgresql-13 | Not in release | Not in release | Not in release | Not in release |
| postgresql-14 | Not in release | Fixed | Not in release | Not in release |
| postgresql-9.1 | Not in release | Not in release | Not in release | Not in release |
| postgresql-9.3 | Not in release | Not in release | Not in release | Not in release |
| postgresql-9.5 | Not in release | Not in release | Not in release | Not in release |