Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-39417HistoryAug 11, 2023 - 12:19 p.m.
CVE-2023-39417
2023-08-1112:19:15
Debian Security Bug Tracker
security-tracker.debian.org
26
sql injection
postgresql
extension script
0.001 Low
EPSS
Percentile
50.1%
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:…@ inside a quoting construct (dollar quoting, ‘’, or “”). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 10 | all | postgresql-11 | < 11.21-0+deb10u2 | postgresql-11_11.21-0+deb10u2_all.deb |
| Debian | 11 | all | postgresql-13 | < 13.13-0+deb11u1 | postgresql-13_13.13-0+deb11u1_all.deb |
| Debian | 12 | all | postgresql-15 | < 15.5-0+deb12u1 | postgresql-15_15.5-0+deb12u1_all.deb |
Related
nessus
nessus
Ubuntu 16.04 ESM : PostgreSQL vulnerability (USN-6366-1)
2023-09-13 00:00:00
Amazon Linux 2 : postgresql (ALASPOSTGRESQL12-2023-005)
2023-09-27 00:00:00
Debian DLA-3600-1 : postgresql-11 - LTS security update
2023-10-03 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:3346-1)
2023-08-18 00:00:00
openSUSE: Security Advisory for postgresql15 (SUSE-SU-2023:3384-1)
2024-03-04 00:00:00
openSUSE: Security Advisory for postgresql15 (SUSE-SU-2023:3344-1)
2024-03-04 00:00:00
kaspersky
kaspersky
KLA52240 RCE vulnerability in PostgreSQL
2023-08-10 00:00:00
broadcom
broadcom
ibm
ibm
cbl_mariner
cbl_mariner
CVE-2023-39417 affecting package postgresql for versions less than 14.10-1
2024-01-14 22:46:30
prion
prion
Sql injection
2023-08-11 13:15:00
debian
debian
[SECURITY] [DLA 3600-1] postgresql-11 security update
2023-10-03 21:58:11
[SECURITY] [DSA 5554-1] postgresql-13 security update
2023-11-13 21:27:39
[SECURITY] [DSA 5553-1] postgresql-15 security update
2023-11-13 21:15:25
cvelist
cvelist
cve
cve
CVE-2023-39417
2023-08-11 12:19:15
osv
osv
CVE-2023-39417
2023-08-11 13:15:09
BIT-postgresql-2023-39417
2024-03-06 11:03:15
postgresql-11 - security update
2023-10-04 00:00:00
redos
redos
ROS-20231009-01
2023-10-09 00:00:00
ROS-20240329-11
2024-03-29 00:00:00
ROS-20240329-12
2024-03-29 00:00:00
redhatcve
redhatcve
CVE-2023-39417
2023-08-11 06:19:18
ubuntu
ubuntu
PostgreSQL vulnerability
2023-09-13 00:00:00
PostgreSQL vulnerabilities
2023-08-17 00:00:00
alpinelinux
alpinelinux
CVE-2023-39417
2023-08-11 12:19:15
veracode
veracode
SQL Injection
2023-08-16 00:26:16
freebsd
freebsd
ubuntucve
ubuntucve
CVE-2023-39417
2023-08-11 00:00:00
mageia
mageia
Updated postgresql packages fix security vulnerability
2023-09-11 16:07:54
cloudfoundry
cloudfoundry
USN-6296-1: PostgreSQL vulnerabilities | Cloud Foundry
2024-03-18 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0632
2023-08-14 00:00:00
Important Photon OS Security Update - PHSA-2023-4.0-0450
2023-08-14 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2359
2024-02-27 09:01:10
rocky
rocky
postgresql:13 security update
2023-12-06 23:16:33
postgresql:12 security update
2024-01-09 04:07:10
postgresql:15 security update
2024-01-09 04:08:12
oraclelinux
oraclelinux
postgresql:12 security update
2023-12-18 00:00:00
postgresql security update
2023-12-15 00:00:00
postgresql:13 security update
2023-11-30 00:00:00
redhat
redhat
(RHSA-2023:7770) Important: rh-postgresql12-postgresql security update
2023-12-13 07:47:10
(RHSA-2023:7784) Important: postgresql security update
2023-12-13 14:48:22
(RHSA-2023:7714) Important: postgresql:12 security update
2023-12-11 09:25:48
almalinux
almalinux
Important: postgresql:12 security update
2023-12-11 00:00:00
Important: postgresql:13 security update
2023-11-29 00:00:00
Important: postgresql security update
2023-12-13 00:00:00
hp
hp
HP Device Manager Vulnerability Update (5.0.12)
2024-01-26 00:00:00
ics
ics
Siemens SINEC NMS
2024-02-15 12:00:00