4 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-39417
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct...
OESA-2023-1578 postgresql security update
PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...
SQL Injection
postgresql is vulnerable to SQL injection. This vulnerability occurs when a user sends a specially crafted query that uses the @extowner@ function. If the query is valid, PostgreSQL could be tricked into executing arbitrary SQL code...
PT-2023-4422 · Unknown +11 · Postgresql +10
Name of the Vulnerable Software and Affected Versions: PostgreSQL affected versions not specified Description: The issue is related to a SQL injection vulnerability in PostgreSQL extensions that use specific constructs @extowner@, @extschema@, or @extschema:...@ inside quoting constructs dollar...