179 matches found
RHEL 7 : rh-postgresql12-postgresql (RHSA-2024:0990)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0990 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW...
Oracle Linux 9 : postgresql:15 (ELSA-2024-0950)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0950 advisory. pgaudit pgrepack postgres-decoderbufs postgresql 15.6-1 - update to 15.6 - Fixes CVE-2024-0985 Tenable has extracted the preceding description block directly fr...
postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL
A flaw was found in PostgreSQL. A late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL can allow an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling a safe refre...
postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL
A flaw was found in PostgreSQL. A late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL can allow an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling a safe refre...
ALSA-2024:0950 Important: postgresql:15 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...
RHEL 9 : postgresql (RHSA-2024:0951)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0951 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW...
SUSE SLED15: libecpg6 / libecpg6-32bit / libpq5 / libpq5-32bit / postgresql16 / etc (SUSE-SU-2024:0550-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0550-1 advisory. Upgrade to 16.2: - CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW...
SUSE SLES12: postgresql13 / postgresql13-contrib / postgresql13-devel / etc (SUSE-SU-2024:0541-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0541-1 advisory. Upgrade to 13.14: - CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY bsc1219679. Tenable has...
SUSE SLES12: postgresql12 / postgresql12-contrib / postgresql12-devel / etc (SUSE-SU-2024:0542-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0542-1 advisory. Upgrade to 12.18: - CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY bsc1219679. Tenable has...
SUSE SLES12: libecpg6 / libecpg6-32bit / libpq5 / libpq5-32bit / postgresql16 / etc (SUSE-SU-2024:0546-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0546-1 advisory. Upgrade to 16.2: - CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY bsc1219679. Tenable has...
SUSE: Security Advisory (SUSE-SU-2024:0551-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:0551-1 Security update for postgresql15
This update for postgresql15 fixes the following issues: Upgrade to 15.6: - CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY bsc1219679...
SUSE-SU-2024:0550-1 Security update for postgresql16
This update for postgresql16 fixes the following issues: Upgrade to 16.2: - CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY bsc1219679...
SUSE-SU-2024:0541-1 Security update for postgresql13
This update for postgresql13 fixes the following issues: Upgrade to 13.14: - CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY bsc1219679...
SUSE-SU-2024:0540-1 Security update for postgresql14
This update for postgresql14 fixes the following issues: Upgrade to 14.11: - CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY bsc1219679...
SUSE SLES12: postgresql15 / postgresql15-contrib / postgresql15-devel / etc (SUSE-SU-2024:0520-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0520-1 advisory. Upgrade to 15.6: - CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY bsc1219679. Tenable has...
SUSE SLES15: postgresql12 / postgresql12-contrib / postgresql12-devel / etc (SUSE-SU-2024:0523-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0523-1 advisory. Upgrade to 12.18: - CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY bsc1219679...
SUSE-SU-2024:0523-1 Security update for postgresql12
This update for postgresql12 fixes the following issues: Upgrade to 12.18: - CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY bsc1219679...
SUSE: Security Advisory (SUSE-SU-2024:0520-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PostgreSQL 12.x < 12.18 / 13.x < 13.14 / 14.x < 14.11 / 15.x < 15.6 SQL Injection
The version of PostgreSQL installed on the remote host is 12 prior to 12.18, 13 prior to 13.14, 14 prior to 14.11, or 15 prior to 15.6. It is, therefore, affected by following vulnerability: - Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to...