CVE-2017-15098

🗓️ 22 Nov 2017 17:00:00Reported by redhatType

Invalid json_populate_recordset function calls in PostgreSQL can crash server or disclose server memory

Reporter	Title	Published	Views	Family All 81
FreeBSD	PostgreSQL vulnerabilities	10 Oct 201700:00	–	freebsd
Amazon	Medium: postgresql95, postgresql96	5 Dec 201700:00	–	amazon
Amazon	Medium: postgresql92, postgresql93, postgresql94	5 Dec 201700:00	–	amazon
Tenable Nessus	Amazon Linux AMI : postgresql95 / postgresql96 (ALAS-2017-930)	7 Dec 201700:00	–	nessus
Tenable Nessus	Amazon Linux AMI : postgresql92 / postgresql93,postgresql94 (ALAS-2017-931)	7 Dec 201700:00	–	nessus
Tenable Nessus	Debian DSA-4027-1 : postgresql-9.4 - security update	10 Nov 201700:00	–	nessus
Tenable Nessus	Debian DSA-4028-1 : postgresql-9.6 - security update	10 Nov 201700:00	–	nessus
Tenable Nessus	FreeBSD : PostgreSQL vulnerabilities (1f02af5d-c566-11e7-a12d-6cc21735f730)	10 Nov 201700:00	–	nessus
Tenable Nessus	Juniper Junos Space < 17.2R1 Multiple Vulnerabilities (JSA10838)	21 Mar 201800:00	–	nessus
Tenable Nessus	MiracleLinux 7 : rh-postgresql96-postgresql-9.6.10-1.el7 (AXSA:2018-3310:01)	16 Jan 202600:00	–	nessus

NVD

Vulners

Node

postgresql postgresqlMatch9.3

postgresql postgresqlMatch9.3.1

postgresql postgresqlMatch9.3.2

postgresql postgresqlMatch9.3.3

postgresql postgresqlMatch9.3.4

postgresql postgresqlMatch9.3.5

postgresql postgresqlMatch9.3.6

postgresql postgresqlMatch9.3.7

postgresql postgresqlMatch9.3.8

postgresql postgresqlMatch9.3.9

postgresql postgresqlMatch9.3.10

postgresql postgresqlMatch9.3.11

postgresql postgresqlMatch9.3.12

postgresql postgresqlMatch9.3.13

postgresql postgresqlMatch9.3.14

postgresql postgresqlMatch9.3.15

postgresql postgresqlMatch9.3.16

postgresql postgresqlMatch9.3.17

postgresql postgresqlMatch9.3.18

postgresql postgresqlMatch9.3.19

postgresql postgresqlMatch9.4

postgresql postgresqlMatch9.4.1

postgresql postgresqlMatch9.4.2

postgresql postgresqlMatch9.4.3

postgresql postgresqlMatch9.4.4

postgresql postgresqlMatch9.4.5

postgresql postgresqlMatch9.4.6

postgresql postgresqlMatch9.4.7

postgresql postgresqlMatch9.4.8

postgresql postgresqlMatch9.4.9

postgresql postgresqlMatch9.4.10

postgresql postgresqlMatch9.4.11

postgresql postgresqlMatch9.4.12

postgresql postgresqlMatch9.4.13

postgresql postgresqlMatch9.4.14

postgresql postgresqlMatch9.5

postgresql postgresqlMatch9.5.1

postgresql postgresqlMatch9.5.2

postgresql postgresqlMatch9.5.3

postgresql postgresqlMatch9.5.4

postgresql postgresqlMatch9.5.5

postgresql postgresqlMatch9.5.6

postgresql postgresqlMatch9.5.7

postgresql postgresqlMatch9.5.8

postgresql postgresqlMatch9.5.9

postgresql postgresqlMatch9.6

postgresql postgresqlMatch9.6.1

postgresql postgresqlMatch9.6.2

postgresql postgresqlMatch9.6.3

postgresql postgresqlMatch9.6.4

postgresql postgresqlMatch9.6.5

postgresql postgresqlMatch10

Node

debian debian_linuxMatch8.0

[
  {
    "product": "postgresql",
    "vendor": "Red Hat, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20"
      }
    ]
  }
]

Source	Link
securityfocus	www.securityfocus.com/bid/101781
postgresql	www.postgresql.org/about/news/1801/
debian	www.debian.org/security/2017/dsa-4027
access	www.access.redhat.com/errata/RHSA-2018:2566
postgresql	www.postgresql.org/support/security/
securitytracker	www.securitytracker.com/id/1039752
debian	www.debian.org/security/2017/dsa-4028
access	www.access.redhat.com/errata/RHSA-2018:2511

13 May 2026 00:24Current

7.5High risk

Vulners AI Score7.5

CVSS 25.5

CVSS 38.1

EPSS0.00908

CWE-200