Astra Linux - уязвимость в postgresql-11

When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries during the initial establishment of a connection, despite the use of SSL certificate verification and encryption...

Unity Linux 20.1070e Security Update: postgresql (UTSA-2026-017752)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017752 advisory. When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject...

JLSEC-2026-29

When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption...

EUVD-2021-10318

Malware in sbrugna...

EUVD-2007-6567

Malware in sbrugna...

EUVD-2007-3268

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2021-23214

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject...

K000148898: PostgreSQL vulnerabilities CVE-2021-23214, CVE-2019-9193, CVE-2019-10210, CVE-2019-10128, and CVE-2019-10127

Security Advisory Description CVE-2021-23214 When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL...

BIT-POSTGRESQL-2021-23214

When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption...

Rocky Linux 8 : postgresql:10 (RLSA-2022:1830)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:1830 advisory. - When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject...

Amazon Linux 2 : postgresql (ALAS-2023-1949)

The version of postgresql installed on the remote host is prior to 9.2.24-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-1949 advisory. When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a...

Medium: postgresql

Issue Overview: When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and...

SUSE CVE-2007-6601

The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors. NOTE: this issue exists because of an incomplete...

SUSE CVE-2021-23214

When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption...

Medium: postgresql93

Issue Overview: When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and...

Amazon Linux AMI : postgresql94 (ALAS-2023-1659)

The version of postgresql94 installed on the remote host is prior to 9.4.26-1.78. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1659 advisory. When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a...

Amazon Linux AMI : postgresql95 (ALAS-2023-1660)

The version of postgresql95 installed on the remote host is prior to 9.5.24-1.83. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1660 advisory. When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a...

Amazon Linux AMI : postgresql96 (ALAS-2023-1661)

The version of postgresql96 installed on the remote host is prior to 9.6.24-1.86. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1661 advisory. When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a...

OESA-2022-2061 postgresql security update

PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...

Ubuntu 16.04 ESM : PostgreSQL vulnerabilities (USN-5645-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5645-1 advisory. Jacob Champion discovered that PostgreSQL incorrectly handled SSL certificate verification and encryption. A remote attacker could possibly use this issu...