96 matches found
PostgreSQL 9.5.x < 9.5.23 / 9.6.x < 9.6.19 / 10.x < 10.14 / 11.x < 11.9 / 12.x < 12.4 Multiple Vulnerabilities
The version of PostgreSQL installed on the remote host is 9.5 prior to 9.5.23, 9.6 prior to 9.6.19, 10 prior to 10.14, 11 prior to 11.9, or 12 prior to 12.4. As such, it is potentially affected by multiple vulnerabilities : - Uncontrolled search path element in logical replication CVE-2020-14349 ...
SUSE SLED15 / SLES15 Security Update : postgresql12 (SUSE-SU-2020:2265-1)
This update for postgresql12 fixes the following issues : update to 12.4 : - CVE-2020-14349, bsc1175193: Set a secure searchpath in logical replication walsenders and apply workers - CVE-2020-14350, bsc1175194: Make contrib modules' installation scripts more secure. -...
SUSE-SU-2020:2271-1 Security update for postgresql12
This update for postgresql12 fixes the following issues: - update to 12.4: CVE-2020-14349, bsc1175193: Set a secure searchpath in logical replication walsenders and apply workers CVE-2020-14350, bsc1175194: Make contrib modules' installation scripts more secure...
SUSE-SU-2020:2265-1 Security update for postgresql12
This update for postgresql12 fixes the following issues: - update to 12.4: CVE-2020-14349, bsc1175193: Set a secure searchpath in logical replication walsenders and apply workers CVE-2020-14350, bsc1175194: Make contrib modules' installation scripts more secure...
CVE-2020-14349
It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the searchpath during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058, in order to execute arbitrary SQL command in the context of the...
UBUNTU-CVE-2020-14349
It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the searchpath during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058, in order to execute arbitrary SQL command in the context of the...
CVE-2020-14349
A flaw was found in PostgreSQL, where it did not properly sanitize the searchpath during logical replication. This flaw allows an authenticated attacker to use this flaw in an attack similar to CVE-2018-1058 to execute an arbitrary SQL command in the user's context for replication. The highest...
Vulnerability in core server (CVE-2020-14349)
Uncontrolled search path element in logical replication The PostgreSQL searchpath setting determines schemas searched for tables, functions, operators, etc. The CVE-2018-1058 fix caused most PostgreSQL-provided client applications to sanitize searchpath, but logical replication continued to leave...
SUSE SLED15 / SLES15 Security Update : postgresql10 / postgresql12 (SUSE-SU-2020:2149-1)
This update for postgresql10 and postgresql12 fixes the following issues : postgresql10 was updated to 10.13 bsc1171924. https://www.postgresql.org/about/news/2038/ https://www.postgresql.org/docs/10/release-10-13.html postgresql10 was updated to 10.12 CVE-2020-1720, bsc1163985...
SUSE SLES12 Security Update : postgresql10 (SUSE-SU-2018:3074-2)
This update for brings postgresql10 version 10.5 to SUSE Linux Enterprise 12 SP3. FATE325659 bnc1108308 This release marks the change of the versioning scheme for PostgreSQL to a 'x.y' format. This means the next minor releases of PostgreSQL will be 10.1, 10.2, ... and the next major release will...
SUSE-SU-2018:3074-2 Security update for postgresql10
This update for brings postgresql10 version 10.5 to SUSE Linux Enterprise 12 SP3. FATE325659 bnc1108308 This release marks the change of the versioning scheme for PostgreSQL to a 'x.y' format. This means the next minor releases of PostgreSQL will be 10.1, 10.2, ... and the next major release will...
openSUSE Security Update : postgresql10 (openSUSE-2018-1148)
This update for brings postgresql10 version 10.5 to openSUSE Leap 42.3. FATE325659 bnc1108308 This release marks the change of the versioning scheme for PostgreSQL to a 'x.y' format. This means the next minor releases of PostgreSQL will be 10.1, 10.2, ... and the next major release will be 11. -...
openSUSE: Security Advisory for postgresql10 (openSUSE-SU-2018:3104-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for postgresql10 (moderate)
This update for brings postgresql10 version 10.5 to openSUSE Leap 42.3. FATE325659 bnc1108308 This release marks the change of the versioning scheme for PostgreSQL to a "x.y" format. This means the next minor releases of PostgreSQL will be 10.1, 10.2, ... and the next major release will be 11...
SUSE SLED12 / SLES12 Security Update : postgresql10 (SUSE-SU-2018:3074-1)
This update for brings postgresql10 version 10.5 to SUSE Linux Enterprise 12 SP3. FATE325659 bnc1108308 This release marks the change of the versioning scheme for PostgreSQL to a 'x.y' format. This means the next minor releases of PostgreSQL will be 10.1, 10.2, ... and the next major release will...
SUSE-SU-2018:3074-1 Security update for postgresql10
This update for brings postgresql10 version 10.5 to SUSE Linux Enterprise 12 SP3. FATE325659 bnc1108308 This release marks the change of the versioning scheme for PostgreSQL to a 'x.y' format. This means the next minor releases of PostgreSQL will be 10.1, 10.2, ... and the next major release will...