DEBIAN-CVE-2020-25696

A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If an interactive psql session uses \gset when querying a compromised server, the attacker can execute arbitrary code as the operating...

Perl DBD-Pg Module: Arbitrary code execution

Background DBD-Pg is a PostgreSQL interface module for Perl. Description Format string vulnerabilities have been found in the the "pgwarn" and "dbdstprepare" functions in dbdimp.c. Impact A remote PostgreSQL server could send specially crafted database warnings or DBD statements, possibly resulti...

perl-DBD-Pg: pg_getline buffer overflow

Heap-based buffer overflow in the DBD::Pg aka DBD-Pg or libdbd-pg-perl module 1.49 for Perl might allow context-dependent attackers to execute arbitrary code via unspecified input to an application that uses the getline and pggetline functions to read database rows...