Search CVE reports
11 – 14 of 14 results
CVE-2023-2454
Medium prioritySome fixes available 6 of 7
schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code.
8 affected packages
postgresql, postgresql-10, postgresql-12, postgresql-14, postgresql-15...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| postgresql | Not in release | Not in release | Not in release | Not in release | Ignored |
| postgresql-10 | Not in release | Not in release | Not in release | Fixed | Not in release |
| postgresql-12 | Not in release | Not in release | Fixed | Not in release | Not in release |
| postgresql-14 | Not in release | Fixed | Not in release | Not in release | Not in release |
| postgresql-15 | Not in release | Not in release | Not in release | Not in release | Ignored |
| postgresql-9.1 | Not in release | Not in release | Not in release | Not in release | Not in release |
| postgresql-9.3 | Not in release | Not in release | Not in release | Not in release | Not in release |
| postgresql-9.5 | Not in release | Not in release | Not in release | Not in release | Fixed |
CVE-2022-41862
Medium priorityIn PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error...
6 affected packages
postgresql-10, postgresql-12, postgresql-14, postgresql-9.1, postgresql-9.3, postgresql-9.5
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| postgresql-10 | — | Not in release | Not in release | Not affected | Not in release |
| postgresql-12 | — | Not in release | Fixed | Not in release | Not in release |
| postgresql-14 | — | Fixed | Not in release | Not in release | Not in release |
| postgresql-9.1 | — | Not in release | Not in release | Not in release | Not in release |
| postgresql-9.3 | — | Not in release | Not in release | Not in release | Not in release |
| postgresql-9.5 | — | Not in release | Not in release | Not in release | Not affected |
CVE-2022-2625
Medium prioritySome fixes available 3 of 5
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in...
7 affected packages
postgresql-10, postgresql-12, postgresql-13, postgresql-14, postgresql-9.1...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| postgresql-10 | Not in release | Not in release | Not in release | Fixed | Not in release |
| postgresql-12 | Not in release | Not in release | Fixed | Not in release | Not in release |
| postgresql-13 | Not in release | Not in release | Not in release | Not in release | Not in release |
| postgresql-14 | Not in release | Fixed | Not in release | Not in release | Not in release |
| postgresql-9.1 | Not in release | Not in release | Not in release | Not in release | Not in release |
| postgresql-9.3 | Not in release | Not in release | Not in release | Not in release | Not in release |
| postgresql-9.5 | Not in release | Not in release | Not in release | Not in release | Ignored |
CVE-2022-1552
Medium prioritySome fixes available 5 of 6
A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER,...
7 affected packages
postgresql-10, postgresql-12, postgresql-13, postgresql-14, postgresql-9.1...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| postgresql-10 | Not in release | Not in release | Not in release | Fixed | Not in release |
| postgresql-12 | Not in release | Not in release | Fixed | Not in release | Not in release |
| postgresql-13 | Not in release | Not in release | Not in release | Not in release | Not in release |
| postgresql-14 | Not in release | Fixed | Not in release | Not in release | Not in release |
| postgresql-9.1 | Not in release | Not in release | Not in release | Not in release | Not in release |
| postgresql-9.3 | Not in release | Not in release | Not in release | Not in release | Not in release |
| postgresql-9.5 | Not in release | Not in release | Not in release | Not in release | Fixed |