50 matches found
CVE-2026-9617
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a table and placing malicious code inside a column identifier. If a superuser calls the k-anonymity function, the malicious code is executed with superuser privileges. The risk is higher wit...
CVE-2026-6472 PostgreSQL CREATE TYPE does not check multirange schema CREATE privilege
Missing authorization in PostgreSQL CREATE TYPE allows an object creator to hijack other queries that use searchpath to find user-defined types, including extension-defined types. That is to say, the victim will execute arbitrary SQL functions of the attacker's choice. Versions before PostgreSQL...
OPENSUSE-SU-2026:20449-1 Security update for postgresql13
This update for postgresql13 fixes the following issues: Security fixes: - CVE-2025-12817: Fixed missing check for CREATE privileges on the schema in CREATE STATISTICS allowed table owners to create statistics in any schema, potentially leading to unexpected naming conflicts bsc1253332 -...
postgresql:15 security update
An update is available for pgrepack, module.postgresql, module.pgaudit, postgresql, postgres-decoderbufs, module.pgrepack, module.postgres-decoderbufs, pgaudit. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
RLSA-2026:0491 Moderate: postgresql security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: CREATE STATISTICS does not check for schema CREATE privilege CVE-2025-12817 postgresql: libpq undersizes allocations, via integer wraparound CVE-2025-12818 For more details about the security...
RLSA-2026:0493 Moderate: postgresql:16 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: CREATE STATISTICS does not check for schema CREATE privilege CVE-2025-12817 postgresql: libpq undersizes allocations, via integer wraparound CVE-2025-12818 For more details about the security...
RLSA-2026:0523 Moderate: postgresql:13 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: CREATE STATISTICS does not check for schema CREATE privilege CVE-2025-12817 postgresql: libpq undersizes allocations, via integer wraparound CVE-2025-12818 For more details about the security...
RLSA-2026:0524 Moderate: postgresql:15 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: CREATE STATISTICS does not check for schema CREATE privilege CVE-2025-12817 postgresql: libpq undersizes allocations, via integer wraparound CVE-2025-12818 For more details about the security...
RockyLinux 9 : postgresql:15 (RLSA-2026:0492)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0492 advisory. postgresql: CREATE STATISTICS does not check for schema CREATE privilege CVE-2025-12817 postgresql: libpq undersizes allocations, via integer wraparound...
RockyLinux 9 : postgresql (RLSA-2026:0491)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0491 advisory. postgresql: CREATE STATISTICS does not check for schema CREATE privilege CVE-2025-12817 postgresql: libpq undersizes allocations, via integer wraparound...
postgresql: CREATE STATISTICS does not check for schema CREATE privilege
A vulnerability has been identified in PostgreSQL’s CREATE STATISTICS command where the database does not check that the user has the required schema CREATE privilege. A table owner user could create a statistics object in any schema, blocking other users who legitimately hold CREATE STATISTICS...
postgresql: CREATE STATISTICS does not check for schema CREATE privilege
A vulnerability has been identified in PostgreSQL’s CREATE STATISTICS command where the database does not check that the user has the required schema CREATE privilege. A table owner user could create a statistics object in any schema, blocking other users who legitimately hold CREATE STATISTICS...
Moderate: Red Hat Security Advisory: postgresql:16 security update
An update for the postgresql:16 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
postgresql: CREATE STATISTICS does not check for schema CREATE privilege
A vulnerability has been identified in PostgreSQL’s CREATE STATISTICS command where the database does not check that the user has the required schema CREATE privilege. A table owner user could create a statistics object in any schema, blocking other users who legitimately hold CREATE STATISTICS...
postgresql: CREATE STATISTICS does not check for schema CREATE privilege
A vulnerability has been identified in PostgreSQL’s CREATE STATISTICS command where the database does not check that the user has the required schema CREATE privilege. A table owner user could create a statistics object in any schema, blocking other users who legitimately hold CREATE STATISTICS...
postgresql: CREATE STATISTICS does not check for schema CREATE privilege
A vulnerability has been identified in PostgreSQL’s CREATE STATISTICS command where the database does not check that the user has the required schema CREATE privilege. A table owner user could create a statistics object in any schema, blocking other users who legitimately hold CREATE STATISTICS...
RHEL 8 : postgresql:15 (RHSA-2026:0266)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0266 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: CREATE STATISTICS does not check fo...
ALSA-2026:0523 Moderate: postgresql:13 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: CREATE STATISTICS does not check for schema CREATE privilege CVE-2025-12817 postgresql: libpq undersizes allocations, via integer wraparound CVE-2025-12818 For more details about the security...
RHEL 9 : postgresql:15 (RHSA-2026:0492)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0492 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: CREATE STATISTICS does not check fo...
ALSA-2026:0491 Moderate: postgresql security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: CREATE STATISTICS does not check for schema CREATE privilege CVE-2025-12817 postgresql: libpq undersizes allocations, via integer wraparound CVE-2025-12818 For more details about the security...