MiracleLinux 8 : postgresql:12 (AXSA:2021-2347:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2347:01 advisory. postgresql: Buffer overrun from integer overflow in array subscripting calculations CVE-2021-32027 postgresql: Memory disclosure in INSERT ... ON...

CentOS 8 : postgresql:12 (CESA-2021:2372)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:2372 advisory. - postgresql: Buffer overrun from integer overflow in array subscripting calculations CVE-2021-32027 - postgresql: Memory disclosure in INSERT ... ON...

postgresql: Partition constraint violation errors leak values of denied columns

An information leak was discovered in postgresql. A user having UPDATE permission but not SELECT permission to a particular column could craft queries which, under some circumstances, might disclose values from that column in error messages. An attacker could use this flaw to obtain information...

postgresql: Partition constraint violation errors leak values of denied columns

An information leak was discovered in postgresql. A user having UPDATE permission but not SELECT permission to a particular column could craft queries which, under some circumstances, might disclose values from that column in error messages. An attacker could use this flaw to obtain information...

RHEL 8 : postgresql:12 (RHSA-2021:2389)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2389 advisory. PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream...

postgresql: Partition constraint violation errors leak values of denied columns

An information leak was discovered in postgresql. A user having UPDATE permission but not SELECT permission to a particular column could craft queries which, under some circumstances, might disclose values from that column in error messages. An attacker could use this flaw to obtain information...

Important: Red Hat Security Advisory: postgresql:12 security update

An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

postgresql:12 security update

An update is available for postgresql, pgaudit, postgres-decoderbufs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list PostgreSQL is an advanced object-relational...

Vulnerability in core server (CVE-2021-3393)

Partition constraint violation errors leak values of denied columns A user having an UPDATE privilege on a partitioned table but lacking the SELECT privilege on some column may be able to acquire denied-column values from an error message. This is similar to CVE-2014-8161, but the conditions to...