GHSA-579W-22J4-4749 Denial of Service Vulnerability in ActiveRecord's PostgreSQL adapter
There is a potential denial of service vulnerability present in ActiveRecord's PostgreSQL adapter. This has been assigned the CVE identifier CVE-2022-44566. Versions Affected: All. Not affected: None. Fixed Versions - 2.3.18.47 Rails LTS, which is a paid service and not part of the rubygem -...
Denial of Service (DoS)
Overview activerecord is a library for databases on Rails. Affected versions of this package are vulnerable to Denial of Service (DoS) when a value outside the range for a 64-bit signed integer is provided to the PostgreSQL connection adapter. Workarounds Ensure that user-supplied input which is...
Denial of Service Vulnerability in ActiveRecord’s PostgreSQL adapter
There is a potential denial of service vulnerability present in ActiveRecord’s PostgreSQL adapter. In ActiveRecord 7.0.4.1 and 6.1.7.1, when a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric...
Denial of Service Vulnerability in ActiveRecord’s PostgreSQL adapter
There is a potential denial of service vulnerability present in ActiveRecord’s PostgreSQL adapter. This has been assigned the CVE identifier CVE-2022-44566. Versions Affected: All. Not affected: None. Fixed Versions: 6.1.7.1, 7.0.4.1 Impact In ActiveRecord 7.0.4.1 and 6.1.7.1, when a value outsid...
PT-2023-14504
Name of the Vulnerable Software and Affected Versions ActiveRecord versions prior to 6.1.7.1 ActiveRecord versions prior to 7.0.4.1 Description A denial of service issue is present in ActiveRecord's PostgreSQL adapter. When a value outside the range for a 64bit signed integer is provided to the...
AlmaLinux 8 : postgresql:10 (ALSA-2023:0113)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:0113 advisory. postgresql: Extension scripts replace objects not belonging to the extension. (CVE-2022-2625) Tenable has extracted the preceding description block directly from the...
postgresql:10 security update
10.23-1 - Fix CVE-2022-2625 - Resolves: 2143167 - Rebase to 10.23...
Oracle Linux 8 : postgresql:10 (ELSA-2023-0113)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-0113 advisory. - Fix CVE-2022-2625 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...
[SECURITY] Fedora 37 Update: postgresql-jdbc-42.4.3-1.fc37
PostgreSQL is an advanced Object-Relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database...
Fedora: Security Advisory for postgresql-jdbc (FEDORA-2023-42d6ba9bd6)
The remote host is missing an update for the Copyright (C) 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security Bulletin: A vulnerability in PostgreSQL JDBC Driver (PgJDBC) affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data (CVE-2022-21724)
Summary A vulnerability in PostgreSQL JDBC Driver (PgJDBC) affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data (CVE-2022-21724). Please see the details below on how to remediate this issue. Vulnerability Details CVEID: CVE-2022-21724 DESCRIPTION: PostgreSQL JDBC Driver (PgJDBC) could...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a SQL injection in PostgreSQL (CVE-2022-31197)
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a SQL injection in PostgreSQL, caused by a vulnerability in the PGJDBC implementation of the java.sql.ResultRow.refreshRow method, CVE-2022-31197. PostgreSQL is a database used with a number of our Speech...
Moderate: Red Hat Security Advisory: rh-postgresql10-postgresql security and bug fix update
An update for rh-postgresql10-postgresql is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
postgresql: Extension scripts replace objects not belonging to the extension.
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the objec...
postgresql: Extension scripts replace objects not belonging to the extension.
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the objec...
Moderate: Red Hat Security Advisory: postgresql:10 security update
An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
RLSA-2023:0113 Moderate: postgresql:10 security update
PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: Extension scripts replace objects not belonging to the extension. (CVE-2022-2625) For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...
postgresql:10 security update
An update is available for postgresql. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. PostgreSQL is an advanced object-relational database management system DBM...
[SECURITY] Fedora 37 Update: pgadmin4-6.18-2.fc37
pgAdmin is the most popular and feature rich Open Source administration and development platform for PostgreSQL, the most advanced Open Source database in the world...
RHEL 8 : postgresql:10 (RHSA-2023:0113)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0113 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: Extension scripts replace objects not...