Search CVE reports
1 – 10 of 86 results
Some fixes available 4 of 8
SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect...
8 affected packages
postgresql-18, postgresql-17, postgresql-16, postgresql-14, postgresql-12...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| postgresql-18 | Fixed | Not in release | Not in release | — | — |
| postgresql-17 | Not in release | Not in release | Not in release | — | — |
| postgresql-16 | Not in release | Fixed | Not in release | — | — |
| postgresql-14 | Not in release | Not in release | Fixed | — | — |
| postgresql-12 | Not in release | Not in release | Not in release | Needs evaluation | — |
| postgresql-10 | Not in release | Not in release | Not in release | — | Needs evaluation |
| postgresql-9.5 | Not in release | Not in release | Not in release | — | — |
| postgresql-9.3 | Not in release | Not in release | Not in release | — | — |
Some fixes available 4 of 8
Stack buffer overflow in PostgreSQL module "refint" allows an unprivileged database user to execute arbitrary code as the operating system user running the database. A distinct attack is possible if the application declares a...
8 affected packages
postgresql-18, postgresql-17, postgresql-16, postgresql-14, postgresql-12...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| postgresql-18 | Fixed | Not in release | Not in release | — | — |
| postgresql-17 | Not in release | Not in release | Not in release | — | — |
| postgresql-16 | Not in release | Fixed | Not in release | — | — |
| postgresql-14 | Not in release | Not in release | Fixed | — | — |
| postgresql-12 | Not in release | Not in release | Not in release | Needs evaluation | — |
| postgresql-10 | Not in release | Not in release | Not in release | — | Needs evaluation |
| postgresql-9.5 | Not in release | Not in release | Not in release | — | — |
| postgresql-9.3 | Not in release | Not in release | Not in release | — | — |
Some fixes available 4 of 8
Buffer over-read in PostgreSQL function pg_restore_attribute_stats() accepts array values of unmatched length, which causes query planning to read past end of one array. This allows a table maintainer to infer memory values past...
8 affected packages
postgresql-18, postgresql-17, postgresql-16, postgresql-14, postgresql-12...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| postgresql-18 | Fixed | Not in release | Not in release | — | — |
| postgresql-17 | Not in release | Not in release | Not in release | — | — |
| postgresql-16 | Not in release | Fixed | Not in release | — | — |
| postgresql-14 | Not in release | Not in release | Fixed | — | — |
| postgresql-12 | Not in release | Not in release | Not in release | Needs evaluation | — |
| postgresql-10 | Not in release | Not in release | Not in release | — | Needs evaluation |
| postgresql-9.5 | Not in release | Not in release | Not in release | — | — |
| postgresql-9.3 | Not in release | Not in release | Not in release | — | — |
Some fixes available 4 of 8
Uncontrolled recursion in PostgreSQL SSL and GSS negotiation allows an attacker able to connect to a PostgreSQL AF_UNIX socket to achieve sustained denial of service. If SSL and GSS are both disabled, an attacker can do the same...
8 affected packages
postgresql-18, postgresql-17, postgresql-16, postgresql-14, postgresql-12...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| postgresql-18 | Fixed | Not in release | Not in release | — | — |
| postgresql-17 | Not in release | Not in release | Not in release | — | — |
| postgresql-16 | Not in release | Fixed | Not in release | — | — |
| postgresql-14 | Not in release | Not in release | Fixed | — | — |
| postgresql-12 | Not in release | Not in release | Not in release | Needs evaluation | — |
| postgresql-10 | Not in release | Not in release | Not in release | — | Needs evaluation |
| postgresql-9.5 | Not in release | Not in release | Not in release | — | — |
| postgresql-9.3 | Not in release | Not in release | Not in release | — | — |
Some fixes available 4 of 8
Covert timing channel in comparison of MD5-hashed password in PostgreSQL authentication allows an attacker to recover user credentials sufficient to authenticate. This does not affect scram-sha-256 passwords, the default in all...
8 affected packages
postgresql-18, postgresql-17, postgresql-16, postgresql-14, postgresql-12...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| postgresql-18 | Fixed | Not in release | Not in release | — | — |
| postgresql-17 | Not in release | Not in release | Not in release | — | — |
| postgresql-16 | Not in release | Fixed | Not in release | — | — |
| postgresql-14 | Not in release | Not in release | Fixed | — | — |
| postgresql-12 | Not in release | Not in release | Not in release | Needs evaluation | — |
| postgresql-10 | Not in release | Not in release | Not in release | — | Needs evaluation |
| postgresql-9.5 | Not in release | Not in release | Not in release | — | — |
| postgresql-9.3 | Not in release | Not in release | Not in release | — | — |
Some fixes available 4 of 8
Use of inherently dangerous function PQfn(..., result_is_int=0, ...) in PostgreSQL libpq lo_export(), lo_read(), lo_lseek64(), and lo_tell64() functions allows the server superuser to overwrite a client stack buffer with an...
8 affected packages
postgresql-18, postgresql-17, postgresql-16, postgresql-14, postgresql-12...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| postgresql-18 | Fixed | Not in release | Not in release | — | — |
| postgresql-17 | Not in release | Not in release | Not in release | — | — |
| postgresql-16 | Not in release | Fixed | Not in release | — | — |
| postgresql-14 | Not in release | Not in release | Fixed | — | — |
| postgresql-12 | Not in release | Not in release | Not in release | Needs evaluation | — |
| postgresql-10 | Not in release | Not in release | Not in release | — | Needs evaluation |
| postgresql-9.5 | Not in release | Not in release | Not in release | — | — |
| postgresql-9.3 | Not in release | Not in release | Not in release | — | — |
Some fixes available 4 of 8
SQL injection in PostgreSQL pg_createsubscriber allows an attacker with pg_create_subscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pg_createsubscriber next runs. Within major versions 17...
8 affected packages
postgresql-18, postgresql-17, postgresql-16, postgresql-14, postgresql-12...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| postgresql-18 | Fixed | Not in release | Not in release | — | — |
| postgresql-17 | Not in release | Not in release | Not in release | — | — |
| postgresql-16 | Not in release | Fixed | Not in release | — | — |
| postgresql-14 | Not in release | Not in release | Fixed | — | — |
| postgresql-12 | Not in release | Not in release | Not in release | Needs evaluation | — |
| postgresql-10 | Not in release | Not in release | Not in release | — | Needs evaluation |
| postgresql-9.5 | Not in release | Not in release | Not in release | — | — |
| postgresql-9.3 | Not in release | Not in release | Not in release | — | — |
Some fixes available 4 of 8
Symlink following in PostgreSQL pg_basebackup plain format and in pg_rewind allows an origin superuser to overwrite local files, e.g. /var/lib/postgres/.bashrc, that hijack the operating system account. It will remain the case...
8 affected packages
postgresql-18, postgresql-17, postgresql-16, postgresql-14, postgresql-12...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| postgresql-18 | Fixed | Not in release | Not in release | — | — |
| postgresql-17 | Not in release | Not in release | Not in release | — | — |
| postgresql-16 | Not in release | Fixed | Not in release | — | — |
| postgresql-14 | Not in release | Not in release | Fixed | — | — |
| postgresql-12 | Not in release | Not in release | Not in release | Needs evaluation | — |
| postgresql-10 | Not in release | Not in release | Not in release | — | Needs evaluation |
| postgresql-9.5 | Not in release | Not in release | Not in release | — | — |
| postgresql-9.3 | Not in release | Not in release | Not in release | — | — |
Some fixes available 4 of 8
Externally-controlled format string in PostgreSQL timeofday() function allows an attacker to retrieve portions of server memory, via crafted timezone zones. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.
8 affected packages
postgresql-18, postgresql-17, postgresql-16, postgresql-14, postgresql-12...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| postgresql-18 | Fixed | Not in release | Not in release | — | — |
| postgresql-17 | Not in release | Not in release | Not in release | — | — |
| postgresql-16 | Not in release | Fixed | Not in release | — | — |
| postgresql-14 | Not in release | Not in release | Fixed | — | — |
| postgresql-12 | Not in release | Not in release | Not in release | Needs evaluation | — |
| postgresql-10 | Not in release | Not in release | Not in release | — | Needs evaluation |
| postgresql-9.5 | Not in release | Not in release | Not in release | — | — |
| postgresql-9.3 | Not in release | Not in release | Not in release | — | — |
Some fixes available 4 of 8
Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and write out-of-bounds. This may execute arbitrary code as the operating system user...
8 affected packages
postgresql-18, postgresql-17, postgresql-16, postgresql-14, postgresql-12...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| postgresql-18 | Fixed | Not in release | Not in release | — | — |
| postgresql-17 | Not in release | Not in release | Not in release | — | — |
| postgresql-16 | Not in release | Fixed | Not in release | — | — |
| postgresql-14 | Not in release | Not in release | Fixed | — | — |
| postgresql-12 | Not in release | Not in release | Not in release | Needs evaluation | — |
| postgresql-10 | Not in release | Not in release | Not in release | — | Needs evaluation |
| postgresql-9.5 | Not in release | Not in release | Not in release | — | — |
| postgresql-9.3 | Not in release | Not in release | Not in release | — | — |