Postgresql@9.6.0 Security Vulnerabilities and Issues — Postgresql@9.6.0 CVE List

Lucene search

PostgresqlPostgresql9.6.0

3 matches found

CVE•added 2018/08/09 8:29 p.m.•391 views

CVE-2018-10915

A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side co...

8.5CVSS7.3AI score0.01557EPSS

CVE•added 2018/08/09 9:29 p.m.•328 views

CVE-2018-10925

It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed to properly check authorization on certain statements involved with "INSERT ... ON CONFLICT DO UPDATE". An attacker with "CREATE TABLE" privileges could exploit this to read arbitrary bytes server memo...

8.1CVSS7.7AI score0.00431EPSS

CVE•added 2018/02/09 2:29 p.m.•232 views

CVE-2018-1053

In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7 and 10.x before 10.2, pg_upgrade creates file in current working directory containing the output of pg_dumpall -g under umask which was in effect when the user invoked pg_upgrade, and not under 0077 whic...

7CVSS6.5AI score0.00053EPSS