Amazon Linux 2 : postgresql (ALASPOSTGRESQL13-2024-006)

The version of postgresql installed on the remote host is prior to 13.14-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2POSTGRESQL13-2024-006 advisory. Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute...

Amazon Linux 2 : libpq (ALASPOSTGRESQL14-2024-007)

The version of libpq installed on the remote host is prior to 14.11-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2POSTGRESQL14-2024-007 advisory. Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary...

SUSE-SU-2024:0773-1 Security update for postgresql-jdbc

This update for postgresql-jdbc fixes the following issues: - CVE-2024-1597: Fixed SQL Injection via line comment generation bsc1220644...

CVE-2024-0985 affecting package postgresql for versions less than 14.11-1

CVE-2024-0985 affecting package postgresql for versions less than 14.11-1. An upgraded version of the package is available that resolves this issue...

CVE-2022-41862 affecting package postgresql for versions less than 14.11-1

CVE-2022-41862 affecting package postgresql for versions less than 14.11-1. This CVE either no longer is or was never applicable...

SUSE-SU-2024:0771-1 Security update for postgresql-jdbc

This update for postgresql-jdbc fixes the following issues: - CVE-2024-1597: Fixed SQL Injection via line comment generation bsc1220644...

SUSE-SU-2024:0769-1 Security update for postgresql-jdbc

This update for postgresql-jdbc fixes the following issues: - CVE-2024-1597: Fixed SQL Injection via line comment generation bsc1220644...

SQL Injection

Lparse-server is vulnerable to a SQL injection when configured to use the PostgreSQL database. The vulnerability is due to inadequate input validation, allowing malicious SQL queries to be injected, particularly when interacting with a PostgreSQL database...

Important: postgresql15

Issue Overview: Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted...

Important: postgresql15

Issue Overview: Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted...

RHEL 8 : postgresql:12 (RHSA-2024:1071)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1071 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW...

CentOS: Security Advisory for postgresql (CESA-2023:7783)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 8 : postgresql:12 (RHSA-2024:1069)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1069 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW...

RHEL 8 : postgresql:12 (RHSA-2024:1070)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1070 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW...

postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL

A flaw was found in PostgreSQL. A late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL can allow an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling a safe refre...

Important: Red Hat Security Advisory: postgresql:12 security update

An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL

A flaw was found in PostgreSQL. A late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL can allow an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling a safe refre...

Important: Red Hat Security Advisory: postgresql:12 security update

An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL

A flaw was found in PostgreSQL. A late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL can allow an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling a safe refre...

Important: Red Hat Security Advisory: postgresql:12 security update

An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as...