Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2009 Greenbone Networks GmbHOPENVAS:830498
HistoryApr 09, 2009 - 12:00 a.m.

Mandriva Update for postgresql MDVSA-2008:004 (postgresql)

2009-04-0900:00:00
Copyright (C) 2009 Greenbone Networks GmbH
plugins.openvas.org
21

0.013 Low

EPSS

Percentile

84.6%

JSON

Check for the Version of postgresql

###############################################################################
# OpenVAS Vulnerability Test
#
# Mandriva Update for postgresql MDVSA-2008:004 (postgresql)
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "Index Functions Privilege Escalation (CVE-2007-6600): as a unique
  feature, PostgreSQL allows users to create indexes on the results of
  user-defined functions, known as expression indexes. This provided
  two vulnerabilities to privilege escalation: (1) index functions were
  executed as the superuser and not the table owner during VACUUM and
  ANALYZE, and (2) that SET ROLE and SET SESSION AUTHORIZATION were
  permitted within index functions.

  Regular Expression Denial-of-Service (CVE-2007-4772, CVE-2007-6067,
  CVE-2007-4769): three separate issues in the regular expression
  libraries used by PostgreSQL allowed malicious users to initiate
  a denial-of-service by passing certain regular expressions in SQL
  queries. First, users could create infinite loops using some specific
  regular expressions. Second, certain complex regular expressions
  could consume excessive amounts of memory. Third, out-of-range backref
  numbers could be used to crash the backend.
  
  DBLink Privilege Escalation (CVE-2007-6601): DBLink functions
  combined with local trust or ident authentication could be used by
  a malicious user to gain superuser privileges. This issue has been
  fixed, and does not affect users who have not installed DBLink (an
  optional module), or who are using password authentication for local
  access. This same problem was addressed in the previous release cycle
  (see CVE-2007-3278), but that patch failed to close all forms of
  the loophole.
  
  Updated packages fix these issues by upgrading to the latest
  maintenance versions of PostgreSQL.";

tag_affected = "postgresql on Mandriva Linux 2007.0,
  Mandriva Linux 2007.0/X86_64,
  Mandriva Linux 2007.1,
  Mandriva Linux 2007.1/X86_64,
  Mandriva Linux 2008.0,
  Mandriva Linux 2008.0/X86_64";
tag_solution = "Please Install the Updated Packages.";



if(description)
{
  script_xref(name : "URL" , value : "http://lists.mandriva.com/security-announce/2008-01/msg00010.php");
  script_id(830498);
  script_version("$Revision: 6568 $");
  script_tag(name:"last_modification", value:"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $");
  script_tag(name:"creation_date", value:"2009-04-09 14:18:58 +0200 (Thu, 09 Apr 2009)");
  script_tag(name:"cvss_base", value:"7.2");
  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_xref(name: "MDVSA", value: "2008:004");
  script_cve_id("CVE-2007-6600", "CVE-2007-4772", "CVE-2007-6067", "CVE-2007-4769", "CVE-2007-6601", "CVE-2007-3278");
  script_name( "Mandriva Update for postgresql MDVSA-2008:004 (postgresql)");

  script_summary("Check for the Version of postgresql");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
  script_family("Mandrake Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/release");
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");


res = "";
if(release == NULL){
  exit(0);
}

if(release == "MNDK_2007.1")
{

  if ((res = isrpmvuln(pkg:"libecpg5", rpm:"libecpg5~8.2.6~0.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libecpg5-devel", rpm:"libecpg5-devel~8.2.6~0.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libpq5", rpm:"libpq5~8.2.6~0.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libpq5-devel", rpm:"libpq5-devel~8.2.6~0.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql", rpm:"postgresql~8.2.6~0.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql-contrib", rpm:"postgresql-contrib~8.2.6~0.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql-devel", rpm:"postgresql-devel~8.2.6~0.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql-docs", rpm:"postgresql-docs~8.2.6~0.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql-pl", rpm:"postgresql-pl~8.2.6~0.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql-plperl", rpm:"postgresql-plperl~8.2.6~0.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql-plpgsql", rpm:"postgresql-plpgsql~8.2.6~0.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql-plpython", rpm:"postgresql-plpython~8.2.6~0.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql-pltcl", rpm:"postgresql-pltcl~8.2.6~0.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql-server", rpm:"postgresql-server~8.2.6~0.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql-test", rpm:"postgresql-test~8.2.6~0.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64ecpg5", rpm:"lib64ecpg5~8.2.6~0.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64ecpg5-devel", rpm:"lib64ecpg5-devel~8.2.6~0.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64pq5", rpm:"lib64pq5~8.2.6~0.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64pq5-devel", rpm:"lib64pq5-devel~8.2.6~0.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}


if(release == "MNDK_2007.0")
{

  if ((res = isrpmvuln(pkg:"libecpg5", rpm:"libecpg5~8.1.11~0.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libecpg5-devel", rpm:"libecpg5-devel~8.1.11~0.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libpq4", rpm:"libpq4~8.1.11~0.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libpq4-devel", rpm:"libpq4-devel~8.1.11~0.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql", rpm:"postgresql~8.1.11~0.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql-contrib", rpm:"postgresql-contrib~8.1.11~0.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql-devel", rpm:"postgresql-devel~8.1.11~0.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql-docs", rpm:"postgresql-docs~8.1.11~0.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql-pl", rpm:"postgresql-pl~8.1.11~0.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql-plperl", rpm:"postgresql-plperl~8.1.11~0.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql-plpgsql", rpm:"postgresql-plpgsql~8.1.11~0.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql-plpython", rpm:"postgresql-plpython~8.1.11~0.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql-pltcl", rpm:"postgresql-pltcl~8.1.11~0.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql-server", rpm:"postgresql-server~8.1.11~0.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql-test", rpm:"postgresql-test~8.1.11~0.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64ecpg5", rpm:"lib64ecpg5~8.1.11~0.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64ecpg5-devel", rpm:"lib64ecpg5-devel~8.1.11~0.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64pq4", rpm:"lib64pq4~8.1.11~0.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64pq4-devel", rpm:"lib64pq4-devel~8.1.11~0.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}


if(release == "MNDK_2008.0")
{

  if ((res = isrpmvuln(pkg:"libecpg-devel", rpm:"libecpg-devel~8.2.6~0.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libecpg5", rpm:"libecpg5~8.2.6~0.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libpq-devel", rpm:"libpq-devel~8.2.6~0.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libpq5", rpm:"libpq5~8.2.6~0.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql", rpm:"postgresql~8.2.6~0.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql-devel", rpm:"postgresql-devel~8.2.6~0.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql8.2", rpm:"postgresql8.2~8.2.6~0.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql8.2-contrib", rpm:"postgresql8.2-contrib~8.2.6~0.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql8.2-devel", rpm:"postgresql8.2-devel~8.2.6~0.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql8.2-docs", rpm:"postgresql8.2-docs~8.2.6~0.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql8.2-pl", rpm:"postgresql8.2-pl~8.2.6~0.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql8.2-plperl", rpm:"postgresql8.2-plperl~8.2.6~0.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql8.2-plpgsql", rpm:"postgresql8.2-plpgsql~8.2.6~0.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql8.2-plpython", rpm:"postgresql8.2-plpython~8.2.6~0.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql8.2-pltcl", rpm:"postgresql8.2-pltcl~8.2.6~0.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql8.2-server", rpm:"postgresql8.2-server~8.2.6~0.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"postgresql8.2-test", rpm:"postgresql8.2-test~8.2.6~0.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64ecpg-devel", rpm:"lib64ecpg-devel~8.2.6~0.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64ecpg5", rpm:"lib64ecpg5~8.2.6~0.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64pq-devel", rpm:"lib64pq-devel~8.2.6~0.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64pq5", rpm:"lib64pq5~8.2.6~0.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}

Related

openvas 77
nessus 41
osv 2
debian 2
redhat 7
gentoo 1
oraclelinux 4
centos 7
fedora 4
securityvulns 5
ubuntu 1
suse 5
freebsd 1
cvelist 8
veracode 7
prion 8
ubuntucve 8
cve 8
postgresql 3
openvas
openvas
Debian Security Advisory DSA 1460-1 (postgresql-8.1)
2008-01-31 00:00:00
Gentoo Security Advisory GLSA 200801-15 (postgresql)
2008-09-24 00:00:00
Ubuntu Update for postgresql vulnerabilities USN-568-1
2009-03-23 00:00:00
nessus
nessus
GLSA-200801-15 : PostgreSQL: Multiple vulnerabilities
2008-01-29 00:00:00
Debian DSA-1460-1 : postgresql-8.1 - several vulnerabilities
2008-01-14 00:00:00
Debian DSA-1463-1 : postgresql-7.4 - several vulnerabilities
2008-01-15 00:00:00
osv
osv
postgresql-7.4 - several
2008-01-14 00:00:00
postgresql-8.1 - several
2008-01-13 00:00:00
debian
debian
[SECURITY] [DSA 1463-1] New postgresql-7.4 packages fix several vulnerabilities
2008-01-14 18:52:18
[SECURITY] [DSA 1460-1] New postgresql-8.1 packages fix several vulnerabilities
2008-01-13 15:45:28
redhat
redhat
(RHSA-2008:0040) Moderate: postgresql security update
2008-02-01 00:00:00
(RHSA-2008:0038) Moderate: postgresql security update
2008-01-11 00:00:00
(RHSA-2008:0039) Moderate: postgresql security update
2008-01-11 00:00:00
gentoo
gentoo
PostgreSQL: Multiple vulnerabilities
2008-01-29 00:00:00
oraclelinux
oraclelinux
Moderate: postgresql security update
2008-01-11 00:00:00
Moderate: postgresql security update
2008-01-11 00:00:00
tcl security and bug fix update
2013-01-11 00:00:00
centos
centos
postgresql security update
2008-01-11 15:27:05
rh security update
2008-01-11 14:31:56
tcl security update
2013-01-09 20:44:22
fedora
fedora
[SECURITY] Fedora 8 Update: postgresql-8.2.6-1.fc8
2008-01-11 22:14:38
[SECURITY] Fedora 7 Update: postgresql-8.2.6-1.fc7
2008-01-11 22:24:42
[SECURITY] Fedora 11 Update: postgresql-8.3.8-1.fc11
2009-09-11 23:21:13
securityvulns
securityvulns
PostgreSQL 2007-01-07 Cumulative Security Release
2008-01-08 00:00:00
PostgreSQL database server multiple security vulnerabilities
2008-01-08 00:00:00
PostgreSQL dblink library multiple security vulnerabilities
2007-09-26 00:00:00
ubuntu
ubuntu
PostgreSQL vulnerabilities
2008-01-14 00:00:00
suse
suse
remote code execution in postgresql
2008-02-06 10:24:49
Security update for postgresql93 (important)
2016-02-22 14:11:16
Security update for postgresql93 (important)
2016-02-21 11:11:04
freebsd
freebsd
postgresql -- multiple vulnerabilities
2008-01-06 00:00:00
cvelist
cvelist
CVE-2007-6601
2008-01-09 21:00:00
CVE-2007-6067
2008-01-09 21:00:00
CVE-2007-6600
2008-01-09 21:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:45:32
Privilege Escalation
2020-04-10 00:19:40
Regular Expression Denial Of Service (ReDoS)
2019-01-15 08:52:38
prion
prion
Authentication flaw
2008-01-09 21:46:00
Sql injection
2007-06-19 21:30:00
Design/Logic Flaw
2008-01-09 21:46:00
ubuntucve
ubuntucve
CVE-2007-6601
2008-01-09 00:00:00
CVE-2007-6067
2008-01-09 00:00:00
CVE-2007-4769
2008-01-09 00:00:00
cve
cve
CVE-2007-6601
2008-01-09 21:46:00
CVE-2007-6067
2008-01-09 21:46:00
CVE-2007-4772
2008-01-09 21:46:00
postgresql
postgresql
Vulnerability in core server (CVE-2007-6600)
2008-01-09 21:46:00
Vulnerability in core server (CVE-2007-4769)
2008-01-09 21:46:00
Vulnerability in contrib module (CVE-2007-6601)
2008-01-09 21:46:00

0.013 Low

EPSS

Percentile

84.6%

JSON
Related for OPENVAS:830498
openvas77nessus41osv2debian2redhat7gentoo1oraclelinux4centos7fedora4securityvulns5ubuntu1suse5freebsd1cvelist8veracode7prion8ubuntucve8cve8postgresql3