Lucene search
RedhatCVELIST:CVE-2021-23222HistoryMar 02, 2022 - 12:00 a.m.
CVE-2021-23222
2022-03-0200:00:00
CWE-522
redhat
www.cve.org
1
A man-in-the-middle attacker can inject false responses to the client’s first few queries, despite the use of SSL certificate verification and encryption.
CNA Affected
[
{
"vendor": "n/a",
"product": "postgresql",
"versions": [
{
"version": "Affects v9.6 to v14",
"status": "affected"
}
]
}
]References
bugzilla.redhat.com/show_bug.cgi?id=2022675
git.postgresql.org/gitweb/?p=postgresql.git%3Ba=commitdiff%3Bh=d83cdfdca9d918bbbd6bb209139b94c954da7228
github.com/postgres/postgres/commit/160c0258802d10b0600d7671b1bbea55d8e17d45
security.gentoo.org/glsa/202211-04
www.postgresql.org/support/security/CVE-2021-23222/
Related
osv
osv
CVE-2021-23222
2022-03-02 23:15:08
Low: libpq security update
2022-05-10 06:36:04
BIT-postgresql-2021-23222
2024-03-06 11:05:21
veracode
veracode
Denial Of Service (DoS)
2021-11-14 07:42:43
redhatcve
redhatcve
CVE-2021-23222
2021-11-12 12:00:28
nessus
nessus
EulerOS 2.0 SP3 : postgresql (EulerOS-SA-2022-1756)
2022-05-26 00:00:00
Amazon Linux 2 : postgresql (ALASPOSTGRESQL14-2024-008)
2024-03-06 00:00:00
Rocky Linux 8 : libpq (RLSA-2022:1891)
2023-11-06 00:00:00
alpinelinux
alpinelinux
CVE-2021-23222
2022-03-02 23:15:08
oraclelinux
oraclelinux
libpq security update
2022-05-17 00:00:00
redhat
redhat
(RHSA-2022:1891) Low: libpq security update
2022-05-10 06:36:04
(RHSA-2021:5197) Moderate: rh-postgresql12-postgresql security update
2021-12-16 18:07:11
(RHSA-2021:5179) Moderate: rh-postgresql13-postgresql security update
2021-12-16 11:34:46
openvas
openvas
Ubuntu: Security Advisory (USN-5765-1)
2022-12-08 00:00:00
Huawei EulerOS: Security Advisory for postgresql (EulerOS-SA-2022-1197)
2022-02-24 00:00:00
Huawei EulerOS: Security Advisory for postgresql (EulerOS-SA-2022-1756)
2022-05-25 00:00:00
debiancve
debiancve
CVE-2021-23222
2022-03-02 23:15:08
ubuntu
ubuntu
PostgreSQL vulnerability
2022-12-07 00:00:00
PostgreSQL vulnerabilities
2021-11-11 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-23222 affecting package postgresql for versions less than 14.2-1
2022-04-26 20:17:02
CVE-2021-23222 affecting package postgresql 12.8-1
2022-03-19 16:40:54
almalinux
almalinux
Low: libpq security update
2022-05-10 06:36:04
ubuntucve
ubuntucve
CVE-2021-23222
2021-11-11 00:00:00
cve
cve
CVE-2021-23222
2022-03-02 23:15:08
CVE-2021-43767
2022-08-25 18:15:09
rocky
rocky
libpq security update
2022-05-10 06:36:04
prion
prion
Design/Logic Flaw
2022-03-02 23:15:00
Authentication flaw
2022-08-25 18:15:00
nvd
nvd
CVE-2021-23222
2022-03-02 23:15:08
CVE-2021-43767
2022-08-25 18:15:09
altlinux
altlinux
suse
suse
Security update for postgresql14 (important)
2021-11-22 00:00:00
Security update for postgresql10 (important)
2021-12-15 00:00:00
Security update for postgresql10 (important)
2021-12-14 00:00:00
debian
debian
[SECURITY] [DLA 2817-1] postgresql-9.6 security update
2021-11-12 08:47:17
[SECURITY] [DSA 5007-1] postgresql-13 security update
2021-11-11 21:52:56
[SECURITY] [DSA 5006-1] postgresql-11 security update
2021-11-11 21:49:53
cvelist
cvelist
CVE-2021-43767
2022-08-25 17:27:39
kaspersky
kaspersky
KLA12378 Multiple vulnerabilities in PostgreSQL
2021-11-11 00:00:00
redos
redos
ROS-20220125-13
2022-01-25 00:00:00
ibm
ibm
Security Bulletin: IBM Spectrum Protect Plus is vulnerable to PostgreSQL Man-in-the-Middle and Slowloris Denial of Service attacks (CVE-2021-23222, CVE-2022-22354)
2022-03-11 16:31:31
mageia
mageia
Updated postgresql packages fix security vulnerability
2021-11-25 16:06:13
freebsd
freebsd
PostgreSQL -- Possible man-in-the-middle attacks
2021-11-08 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: pgbouncer-1.16.1-1.fc35
2021-12-31 01:21:38
github
github
PostgresNIO processes unencrypted bytes from man-in-the-middle
2023-05-10 19:20:16
gentoo
gentoo
PostgreSQL: Multiple Vulnerabilities
2022-11-19 00:00:00
hp
hp
HP Device Manager Vulnerability Update (5.0.12)
2024-01-26 00:00:00