Amazon Linux 2 : libpq (ALASPOSTGRESQL12-2024-006)

The version of libpq installed on the remote host is prior to 12.17-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2POSTGRESQL12-2024-006 advisory. 2024-06-06: CVE-2023-5869 was removed from this advisory.2024-06-06: The severity of this advisory was modified from...

CentOS 8 : postgresql:12 (CESA-2023:7714)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:7714 advisory. - IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quotin...

Rocky Linux 8 : postgresql:10 (RLSA-2023:7790)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:7790 advisory. - A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value...

Important: postgresql15

Issue Overview: Certain aggregate function calls receiving "unknown"-type arguments could disclose bytes of server memory from the end of the "unknown"-type value to the next zero byte. One typically gets an "unknown"-type value via a string literal having no type designation. We have not confirm...

Important: postgresql15

Issue Overview: Certain aggregate function calls receiving "unknown"-type arguments could disclose bytes of server memory from the end of the "unknown"-type value to the next zero byte. One typically gets an "unknown"-type value via a string literal having no type designation. We have not confirm...

Amazon Linux 2023 : postgresql15, postgresql15-contrib, postgresql15-llvmjit (ALAS2023-2024-464)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-464 advisory. Certain aggregate function calls receiving unknown-type arguments could disclose bytes of server memory from the end of the unknown-type value to the next zero byte. One typically gets an...

Security Bulletin: Extension script @substitutions@ within quoting allow SQL injection in EDB PostgresSQL

Summary Per CVE-2023-39417, extension script @substitutions@ within quoting allow SQL injection in EDB PostgreSQL with IBM, EDB Postgres Advanced Server with IBM and IBM Data Management Platform for EDB Postgres Enterprise for IBM Cloud Pak for Data. Vulnerability Details CVEID:CVE-2023-39417...

Security Bulletin: Multiple PostgreSQL Vulnerability affects IBM Storage Scale System (CVE-2023-2454, CVE-2022-2625)

Summary There are vulnerabilities in PostgreSQL versions used by IBM Storage Scale System and the applicable CVEs are addressed. Vulnerability Details CVEID:CVE-2023-2454 DESCRIPTION: PostgreSQL could allow a local authenticated attacker to execute arbitrary code on the system, caused by a flaw i...

CVE-2023-51649

Nautobot is a Network Source of Truth and Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. When submitting a Job to run via a Job Button, only the model-level extras.runjob permission is checked i.e., does the user have...

Code injection

Nautobot is a Network Source of Truth and Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. When submitting a Job to run via a Job Button, only the model-level extras.runjob permission is checked i.e., does the user have...

PYSEC-2023-287

Nautobot is a Network Source of Truth and Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. When submitting a Job to run via a Job Button, only the model-level extras.runjob permission is checked i.e., does the user have...

CVE-2023-51649

CVE-2023-51649 affects Nautobot, a Django-based network automation platform. The issue: when submitting a Job via a Job Button, only the model-level extras.run_job permission is enforced; object-level permissions (permission to run a specific Job) are not checked by the relevant URL/view. Result:...

CVE-2023-51649 Nautobot missing object-level permissions enforcement when running Job Buttons

Nautobot is a Network Source of Truth and Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. When submitting a Job to run via a Job Button, only the model-level extras.runjob permission is checked i.e., does the user have...

AlmaLinux 8 : postgresql:15 (ALSA-2023:7884)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:7884 advisory. postgresql: Buffer overrun from integer overflow in array modification CVE-2023-5869 postgresql: Memory disclosure in aggregate function calls CVE-2023-58...

Oracle Linux 8 : postgresql:15 (ELSA-2023-7884)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7884 advisory. - Fixes: CVE-2023-5868 CVE-2023-5869 CVE-2023-5870 CVE-2023-39417 CVE-2023-39418 Tenable has extracted the preceding description block directly from th...

Important: Red Hat Security Advisory: postgresql:15 security update

An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

postgresql: Buffer overrun from integer overflow in array modification

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing...

postgresql: extension script @substitutions@ within quoting allow SQL injection

IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct dollar quoting, '', or "". If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with...

postgresql: MERGE fails to enforce UPDATE or SELECT row security policies

A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows...

postgresql: Role pg_signal_backend can signal certain superuser processes.

A flaw was found in PostgreSQL involving the pgcancelbackend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would...