SUSE SLES15 Security Update : postgresql16 (SUSE-SU-2024:3159-2)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3159-2 advisory. - Upgrade to 16.4 bsc1229013 - CVE-2024-7348: PostgreSQL relation replacement during pgdump executes arbitrary SQL. bsc1229013 - CVE-2024-4317:...

Amazon Linux 2 : postgresql (ALASPOSTGRESQL14-2024-012)

The version of postgresql installed on the remote host is prior to 14.13-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2POSTGRESQL14-2024-012 advisory. Time-of-check Time-of-use TOCTOU race condition in pgdump in PostgreSQL allows an object creator to execute arbitrary...

Amazon Linux 2 : postgresql (ALASPOSTGRESQL12-2024-011)

The version of postgresql installed on the remote host is prior to 12.20-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2POSTGRESQL12-2024-011 advisory. Time-of-check Time-of-use TOCTOU race condition in pgdump in PostgreSQL allows an object creator to execute arbitrary...

Oracle Linux 8 : postgresql:16 (ELSA-2024-5927)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-5927 advisory. pgaudit 16.0-1 - Update to 16.0 - Support postgresql 16 - Initial import for PG 16 module - Resolves: RHEL-3636 pgrepack postgres-decoderbufs...

CVE-2024-7348

A vulnerability was found in PostgreSQL. A Race condition in pgdump allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the R...