13198 matches found

IBM Security Bulletins
added 2022/10/13 10:20 p.m. | 36 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in PostgreSQL

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of PostgreSQL. Vulnerability Details CVEID:CVE-2022-31197 DESCRIPTION: PostgreSQL is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to PGJDBC implementation of the...

CVSS 8 | AI score 7.4 | EPSS 0.01662
Exploits 1 | Affected Software 1

OSV
added 2022/10/13 7:29 p.m. | 1 view

USN-5676-1 postgresql-9.5 vulnerability

Alexander Lakhin discovered that PostgreSQL incorrectly handled the security restricted operation sandbox when a privileged user is maintaining another user’s objects. An attacker having permission to create non-temp objects can use this issue to execute arbitrary commands as the superuser...

CVSS 8.8 | AI score 7.2 | EPSS 0.11726
Exploits 0 | References 2

Ubuntu
added 2022/10/13 6:38 p.m. | 51 views

USN-5676-1: PostgreSQL vulnerability

Alexander Lakhin discovered that PostgreSQL incorrectly handled the security restricted operation sandbox when a privileged user is maintaining another user’s objects. An attacker having permission to create non-temp objects can use this issue to execute arbitrary commands as the superuser...

CVSS 8.8 | AI score 7.7 | EPSS 0.11726
Exploits 0 | References 1

CBLMariner
added 2022/10/13 12:40 a.m. | 10 views

CVE-2021-43766 affecting package postgresql 12.8-1

CVE-2021-43766 affecting package postgresql 12.8-1. An upgraded version of the package is available that resolves this issue...

CVSS 8.1 | AI score 7.4 | EPSS 0.00447
Exploits 0

CBLMariner
added 2022/10/13 12:40 a.m. | 19 views

CVE-2021-43767 affecting package postgresql 12.8-1

CVE-2021-43767 affecting package postgresql 12.8-1. An upgraded version of the package is available that resolves this issue...

CVSS 5.9 | AI score 7.4 | EPSS 0.00338
Exploits 0

CBLMariner
added 2022/10/13 12:40 a.m. | 16 views

CVE-2022-2625 affecting package postgresql 12.8-1

CVE-2022-2625 affecting package postgresql 12.8-1. An upgraded version of the package is available that resolves this issue...

CVSS 8 | AI score 7.4 | EPSS 0.0152
Exploits 0

CBLMariner
added 2022/10/13 12:40 a.m. | 12 views

CVE-2022-1552 affecting package postgresql 12.8-1

CVE-2022-1552 affecting package postgresql 12.8-1. An upgraded version of the package is available that resolves this issue...

CVSS 8.8 | AI score 7.2 | EPSS 0.11726
Exploits 0

Redos
added 2022/10/13 12:0 a.m. | 6 views

ROS-20221013-05

A vulnerability in the PostgreSQL database management system is related to errors when using OR commands extensions. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges and replace arbitrary objects in the database...

CVSS 8 | AI score 7.5 | EPSS 0.0152
Exploits 0

Redos
added 2022/10/13 12:0 a.m. | 5 views

ROS-20221013-06

A vulnerability in the PostgreSQL database management system is related to errors when using OR commands extensions. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges and replace arbitrary objects in the database...

CVSS 8 | AI score 7.5 | EPSS 0.0152
Exploits 0

Redos
added 2022/10/13 12:0 a.m. | 9 views

ROS-20221013-04

A vulnerability in the PostgreSQL database management system is related to errors when using OR commands extensions. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges and replace arbitrary objects in the database...

CVSS 8 | AI score 7.5 | EPSS 0.0152
Exploits 0

Redos
added 2022/10/13 12:0 a.m. | 26 views

ROS-20221013-03

A vulnerability in the PostgreSQL database management system is related to errors when using OR commands extensions. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges and replace arbitrary objects in the database...

CVSS 8 | AI score 7.9 | EPSS 0.0152
Exploits 0

OSV
added 2022/10/11 5:15 p.m. | 4 views

CVE-2022-34434

Cloud Mobility for Dell Storage versions 1.3.0 and earlier contains an Improper Access Control vulnerability within the Postgres database. A threat actor with root level access to either the vApp or containerized versions of Cloud Mobility may potentially exploit this vulnerability, leading to th...

CVSS 6.7 | AI score 5.8 | EPSS 0.00179
Exploits 0 | References 1

Vulnrichment
added 2022/10/11 4:40 p.m. | 11 views

CVE-2022-34434

Cloud Mobility for Dell Storage versions 1.3.0 and earlier contains an Improper Access Control vulnerability within the Postgres database. A threat actor with root level access to either the vApp or containerized versions of Cloud Mobility may potentially exploit this vulnerability, leading to th...

CVSS 6.7 | AI score 6.6 | EPSS 0.00179
Exploits 0 | References 1

OpenVAS
added 2022/10/10 12:0 a.m. | 28 views

Huawei EulerOS: Security Advisory for postgresql (EulerOS-SA-2022-2528)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8 | AI score 7.9 | EPSS 0.11726
Exploits 0 | References 2

Tenable Nessus
added 2022/10/09 12:0 a.m. | 41 views

EulerOS Virtualization 3.0.6.6 : postgresql (EulerOS-SA-2022-2528)

According to the versions of the postgresql packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24...

CVSS 8.8 | AI score 7 | EPSS 0.11726
Exploits 0 | References 5

Debian
added 2022/10/08 1:0 a.m. | 43 views

[SECURITY] [DLA 3140-1] libpgjava security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3140-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb October 07, 2022 https://wiki.debian.org/LTS -...

CVSS 8 | AI score 7.7 | EPSS 0.01662
Exploits 1

Tenable Nessus
added 2022/10/08 12:0 a.m. | 30 views

Debian dla-3140 : libpostgresql-jdbc-java - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3140 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3140-1 [email protected] https://www.debian.org/lts/security/...

CVSS 8 | AI score 7.1 | EPSS 0.01662
Exploits 1 | References 4

OpenVAS
added 2022/10/07 12:0 a.m. | 21 views

SUSE: Security Advisory (SUSE-SU-2022:3541-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8 | AI score 6.7 | EPSS 0.01662
Exploits 1 | References 4

OpenVAS
added 2022/10/07 12:0 a.m. | 23 views

SUSE: Security Advisory (SUSE-SU-2022:3537-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8 | AI score 7.9 | EPSS 0.01662
Exploits 1 | References 2

OpenVAS
added 2022/10/07 12:0 a.m. | 20 views

openSUSE: Security Advisory for postgresql-jdbc (SUSE-SU-2022:3537-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 8 | AI score 8 | EPSS 0.01662
Exploits 1 | References 2