Advisory ROSA-SA-2021-1955

Software: postgresql 9.2.24
OS: Cobalt 7.9

CVE-ID: CVE-2016-7048
CVE-Crit: HIGH
CVE-DESC: The interactive installer in PostgreSQL before 9.3.15, 9.4.x before 9.4.10, and 9.5.x before 9.5.5 may allow remote attackers to execute arbitrary code using HTTP to download software.
CVE-STATUS: Default
CVE-REV: Default

CVE-ID: CVE-2018-10936
CVE-Crit: HIGH
CVE-DESC: A vulnerability was discovered in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL factory and not verify the hostname if a hostname verifier was not provided for the driver. This could cause an attacker to masquerade as a trusted server by providing a certificate for the wrong host if it was signed by a trusted certificate authority.
CVE-STATUS: Default
CVE-REV: Default

CVE-ID: CVE-2018-1115
CVE-Crit: CRITICAL
CVE-DESC: postgresql before versions 10.4, 9.6.9 is vulnerable in adminpack extension, pg_catalog.pg_logfile_rotate () function does not follow the same ACL as pg_rorate_logfile. If adminpack is added to the database, an attacker who can connect to it can use it to force log rotation.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2019-3466
CVE-Crit: HIGH
CVE-DESC: The pg_ctlcluster script in postgresql-common in versions before 210 did not reset privileges when creating temporary socket / statistics directories, which could lead to local privilege escalation.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2020-13692
CVE-Crit: HIGH
CVE-DESC: PostgreSQL JDBC driver (also known as PgJDBC) before 42.2.13 allows XXE.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2020-25694
CVE-Crit: HIGH
CVE-DESC: The bug was discovered in PostgreSQL versions prior to 13.1, prior to 12.5, prior to 11.10, prior to 10.15, prior to 9.6.20, and prior to 9.5.24. If a client application that creates additional database connections reuses only the basic connection parameters, discarding security-related parameters, the possibility of a man-in-the-middle attack or the ability to observe the transmission of plaintext may exist. The greatest threat from this vulnerability is to data confidentiality and integrity, as well as system availability.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2020-25695
CVE-Crit: HIGH
CVE-DESC: The bug was discovered in PostgreSQL versions prior to 13.1, prior to 12.5, prior to 11.10, prior to 10.15, prior to 9.6.20, and prior to 9.5.24. An attacker with permission to create non-temporal objects in at least one schema could execute arbitrary SQL functions as a superuser. The greatest threat from this vulnerability is related to data confidentiality and integrity, as well as system availability.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2021-3393
CVE-Crit: MEDIUM
CVE-DESC: The information leak was discovered in postgresql in versions prior to 13.2, prior to 12.6, and prior to 11.11. A user with UPDATE permission but no SELECT permission for a particular column can create queries that, under some circumstances, can expose values from that column in error messages. An attacker could exploit this vulnerability to retrieve information stored in a column that they are authorized to write but not read.
CVE-STATUS: default
CVE-REV: Default