Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

TencentOS Server 3: postgresql:15 (TSSA-2023:0326)

🗓️ 20 Nov 2025 00:00:00Reported by TenableType 
nessus
 nessus🔗 www.tenable.com👁 2 Views

TencentOS Server 3 PostgreSQL 15 has memory disclosure, code execution, DoS and SQL injection per TSSA-2023:0326.

Related
Refs
Code
ReporterTitlePublishedViews
Family
IBM Security Bulletins		Security Bulletin: Vulnerability in PostgreSQL affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.
11 Mar 202516:17
ibm
IBM Security Bulletins		Security Bulletin: Multiple Security Vulnerabilities were identified in IBM Security Verify Access.
9 Jan 202420:27
ibm
IBM Security Bulletins		Security Bulletin: IBM Security Guardium is vulnerable to sensitive information disclosure (CVE-2023-5868)
15 May 202417:33
ibm
IBM Security Bulletins		Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
26 Mar 202504:11
ibm
IBM Security Bulletins		Security Bulletin: IBM Observability with Instana (OnPrem) is affected by multiple security vulnerabilities
10 Jul 202407:59
ibm
IBM Security Bulletins		Security Bulletin: Vulnerabilities in Node.js, AngularJS, Golang Go, libcURL, PostgreSQL, Linux kernel might affect IBM Spectrum Protect Plus
24 Sep 202405:05
ibm
IBM Security Bulletins		Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for January 2024.
2 Feb 202408:25
ibm
IBM Security Bulletins		Security Bulletin: IBM Sterling Connect:Direct Web Service is vulnerable to sensitive information exposure due to PostgreSQL (CVE-2023-5868)
24 Apr 202404:46
ibm
IBM Security Bulletins		Security Bulletin: IBM Sterling Connect:Direct Web Service is vulnerable to security bypass due to PostgreSQL (CVE-2023-39418)
19 Feb 202408:07
ibm
IBM Security Bulletins		Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities
30 Jan 202404:12
ibm
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Tencent Linux Security Advisory TSSA-2023:0326.
##

include('compat.inc');

if (description)
{
  script_id(276063);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/12/05");

  script_cve_id(
    "CVE-2023-5868",
    "CVE-2023-5869",
    "CVE-2023-5870",
    "CVE-2023-39417",
    "CVE-2023-39418"
  );
  script_xref(name:"IAVB", value:"2023-B-0060-S");
  script_xref(name:"IAVB", value:"2023-B-0088-S");

  script_name(english:"TencentOS Server 3: postgresql:15 (TSSA-2023:0326)");

  script_set_attribute(attribute:"synopsis", value:
"The remote TencentOS Server 3 host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is,
therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0326 advisory.

    Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:

      CVE-2023-5868:
      A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive
    information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling
    'unknown'-type values from string literals without type designation can disclose bytes, potentially
    revealing notable and confidential information. This issue exists due to excessive data output in
    aggregate function calls, enabling remote users to read some portion of system memory.

      CVE-2023-5869:
      A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code
    through missing overflow checks during SQL array value modification. This issue exists due to an integer
    overflow during array modification where a remote user can trigger the overflow by providing specially
    crafted data. This enables the execution of arbitrary code on the target system, allowing users to write
    arbitrary bytes to memory and extensively read the server's memory.

      CVE-2023-5870:
      A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers,
    including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful
    exploitation requires a non-core extension with a less-resilient background worker and would affect that
    specific background worker only. This issue may allow a remote high privileged user to launch a denial of
    service (DoS) attack.

      CVE-2023-39417:
      IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@,
    @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ). If an
    administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with
    database-level CREATE privilege can execute arbitrary code as the bootstrap superuser.

      CVE-2023-39418:
      A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows
    against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some
    rows that INSERT policies do not forbid, a user could store such rows.

Tenable has extracted the preceding description block directly from the Tencent Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://mirrors.tencent.com/tlinux/errata/tssa-20230326.xml");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-5869");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/08/10");
  script_set_attribute(attribute:"patch_publication_date", value:"2024/01/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/11/20");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:tencent:tencentos_server:3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:tencent:tencentos_server:pg_repack");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:tencent:tencentos_server:pgaudit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:tencent:tencentos_server:postgres-decoderbufs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:tencent:tencentos_server:postgresql");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tencent Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/etc/os-release", "Host/TencentOS/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'TencentOS' >!< os_product) audit(AUDIT_OS_NOT, 'TencentOS');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'TencentOS');
if (! preg(pattern:"^3([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'TencentOS 3.x', 'TencentOS ' + os_version);

if (!get_kb_item('Host/TencentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'TencentOS', cpu);

var constraints = [
  {
    'release': '3',
    'pkgs': [
      {'reference':'pg_repack-1.4.8-1.module+el8.8.0+529+32b8dcc8', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'pg_repack-1.4.8-1.module+el8.8.0+529+32b8dcc8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'pg_repack-debuginfo-1.4.8-1.module+el8.8.0+529+32b8dcc8', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'pg_repack-debuginfo-1.4.8-1.module+el8.8.0+529+32b8dcc8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'pg_repack-debugsource-1.4.8-1.module+el8.8.0+529+32b8dcc8', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'pg_repack-debugsource-1.4.8-1.module+el8.8.0+529+32b8dcc8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'pgaudit-1.7.0-1.module+el8.8.0+529+32b8dcc8', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'pgaudit-1.7.0-1.module+el8.8.0+529+32b8dcc8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'pgaudit-debuginfo-1.7.0-1.module+el8.8.0+529+32b8dcc8', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'pgaudit-debuginfo-1.7.0-1.module+el8.8.0+529+32b8dcc8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'pgaudit-debugsource-1.7.0-1.module+el8.8.0+529+32b8dcc8', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'pgaudit-debugsource-1.7.0-1.module+el8.8.0+529+32b8dcc8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgres-decoderbufs-1.9.7-1.Final.module+el8.8.0+529+32b8dcc8', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgres-decoderbufs-1.9.7-1.Final.module+el8.8.0+529+32b8dcc8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgres-decoderbufs-debuginfo-1.9.7-1.Final.module+el8.8.0+529+32b8dcc8', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgres-decoderbufs-debuginfo-1.9.7-1.Final.module+el8.8.0+529+32b8dcc8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgres-decoderbufs-debugsource-1.9.7-1.Final.module+el8.8.0+529+32b8dcc8', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgres-decoderbufs-debugsource-1.9.7-1.Final.module+el8.8.0+529+32b8dcc8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-contrib-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-contrib-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-contrib-debuginfo-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-contrib-debuginfo-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-debuginfo-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-debuginfo-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-debugsource-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-debugsource-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-docs-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-docs-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-docs-debuginfo-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-docs-debuginfo-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-plperl-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-plperl-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-plperl-debuginfo-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-plperl-debuginfo-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-plpython3-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-plpython3-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-plpython3-debuginfo-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-plpython3-debuginfo-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-pltcl-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-pltcl-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-pltcl-debuginfo-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-pltcl-debuginfo-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-private-devel-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-private-devel-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-private-libs-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-private-libs-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-private-libs-debuginfo-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-private-libs-debuginfo-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-server-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-server-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-server-debuginfo-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-server-debuginfo-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-server-devel-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-server-devel-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-server-devel-debuginfo-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-server-devel-debuginfo-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-static-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-static-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-test-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-test-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-test-debuginfo-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-test-debuginfo-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-test-rpm-macros-15.5-1.module+el8.8.0+564+cf33e027', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-upgrade-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-upgrade-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-upgrade-debuginfo-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-upgrade-debuginfo-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-upgrade-devel-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-upgrade-devel-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-upgrade-devel-debuginfo-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'postgresql-upgrade-devel-debuginfo-15.5-1.module+el8.8.0+564+cf33e027', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'pg_repack / pg_repack-debuginfo / pg_repack-debugsource / etc');
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
05 Dec 2025 00:00Current
7.6High risk
Vulners AI Score7.6
CVSS 3.18.8
EPSS0.02718
SSVC
TencentOS Server 3PostgreSQL fifteenmemory disclosurecode executiondenial of servicequery language injection
2