Описание
PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the PostgreSQL operating system account.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 10.9-0ubuntu0.18.04.1 |
| cosmic | released | 10.9-0ubuntu0.18.10.1 |
| devel | DNE | |
| disco | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | released | 10.9-0ubuntu0.18.04.1 |
| precise/esm | DNE | |
| trusty/esm | DNE | |
| upstream | released | 10.9 |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| cosmic | DNE | |
| devel | released | 11.4-1 |
| disco | released | 11.4-0ubuntu0.19.04.1 |
| esm-infra-legacy/trusty | DNE | |
| precise/esm | DNE | |
| trusty/esm | DNE | |
| upstream | released | 11.4 |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise/esm | not-affected | |
| trusty/esm | DNE | |
| upstream | not-affected | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| esm-infra-legacy/trusty | not-affected | |
| precise/esm | DNE | |
| trusty/esm | not-affected | |
| upstream | not-affected | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/xenial | not-affected | |
| precise/esm | DNE | |
| trusty/esm | DNE | |
| upstream | not-affected | |
| xenial | not-affected |
Показывать по
EPSS
9 Critical
CVSS2
8.8 High
CVSS3
Связанные уязвимости
PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the PostgreSQL operating system account.
PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the PostgreSQL operating system account.
PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are ...
EPSS
9 Critical
CVSS2
8.8 High
CVSS3