Lucene search

K
osvGoogleOSV:RLSA-2021:2360
HistoryJun 09, 2021 - 11:21 a.m.

Important: postgresql:9.6 security update

2021-06-0911:21:04
Google
osv.dev
10
postgresql
9.6
security update
buffer overrun
memory disclosure
cve-2021-32027
cve-2021-32028

AI Score

9.2

Confidence

High

EPSS

0.007

Percentile

80.4%

PostgreSQL is an advanced object-relational database management system (DBMS).

The following packages have been upgraded to a later upstream version: postgresql (9.6.22)

Security Fix(es):

  • postgresql: Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027)

  • postgresql: Memory disclosure in INSERT … ON CONFLICT … DO UPDATE (CVE-2021-32028)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.