KLA11300Multiple vulnerabilities in PostgreSQL

2018-08-09T00:00:00
ID KLA11300
Type kaspersky
Reporter Kaspersky Lab
Modified 2019-03-07T00:00:00

Description

Detect date:

08/09/2018

Severity:

Warning

Description:

Multiple serious vulnerabilities were found in PostgreSQL. Malicious users can exploit these vulnerabilities to bypass security restrictions and obtain sensitive information.

Affected products:

PostgreSQL 10.x earlier than 10.5
PostgreSQL 9.6.x earlier than 9.6.10
PostgreSQL 9.5.x earlier than 9.5.14
PostgreSQL 9.4.x earlier than 9.4.19
PostgreSQL 9.3.x earlier than 9.3.24

Solution:

Update to the latest version
Download PostgreSQL

Original advisories:

POSTGRESQL 10.5, 9.6.10, 9.5.14, 9.4.19, 9.3.24, AND 11 BETA 3 RELEASED!

Impacts:

OSI

Related products:

PostgreSQL

CVE-IDS:

CVE-2018-109158.5Warning
CVE-2018-109257.1Warning