Логотип exploitDog
product: "postgresql"
Консоль
Логотип exploitDog

exploitDog

product: "postgresql"
PostgreSQL

PostgreSQLсвободная объектно-реляционная система управления базами данных.

Релизный цикл, информация об уязвимостях

Продукт: PostgreSQL
Вендор: PostgreSQL

График релизов

141516171820212022202320242025202620272028202920302031

Недавние уязвимости PostgreSQL

Количество 1 017

github логотип

GHSA-735f-7qx4-jqq5

около 4 лет назад

A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption.

CVSS3: 5.9
EPSS: Низкий
github логотип

GHSA-j859-w9g7-8276

около 4 лет назад

A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include max_worker_processes=0, the known versions of this attack are infeasible. However, undiscovered variants of the attack may be independent of that setting.

CVSS3: 6.5
EPSS: Низкий
nvd логотип

CVE-2021-3677

около 4 лет назад

A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include max_worker_processes=0, the known versions of this attack are infeasible. However, undiscovered variants of the attack may be independent of that setting.

CVSS3: 6.5
EPSS: Низкий
debian логотип

CVE-2021-3677

около 4 лет назад

A flaw was found in postgresql. A purpose-crafted query can read arbit ...

CVSS3: 6.5
EPSS: Низкий
nvd логотип

CVE-2021-23222

около 4 лет назад

A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption.

CVSS3: 5.9
EPSS: Низкий
debian логотип

CVE-2021-23222

около 4 лет назад

A man-in-the-middle attacker can inject false responses to the client' ...

CVSS3: 5.9
EPSS: Низкий
ubuntu логотип

CVE-2021-3677

около 4 лет назад

A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include max_worker_processes=0, the known versions of this attack are infeasible. However, undiscovered variants of the attack may be independent of that setting.

CVSS3: 6.5
EPSS: Низкий
ubuntu логотип

CVE-2021-23222

около 4 лет назад

A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption.

CVSS3: 5.9
EPSS: Низкий
github логотип

GHSA-vmm8-82m2-pcp5

около 4 лет назад

Use of a Broken or Risky Cryptographic Algorithm in PostgreSQL

CVSS3: 8.1
EPSS: Низкий
github логотип

GHSA-6v9v-3f4c-cjgx

около 4 лет назад

Untrusted Search Path in PostgreSQL

CVSS3: 7.3
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
1
github логотип
GHSA-735f-7qx4-jqq5

A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption.

CVSS3: 5.9
0%
Низкий
около 4 лет назад
github логотип
GHSA-j859-w9g7-8276

A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include max_worker_processes=0, the known versions of this attack are infeasible. However, undiscovered variants of the attack may be independent of that setting.

CVSS3: 6.5
0%
Низкий
около 4 лет назад
nvd логотип
CVE-2021-3677

A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include max_worker_processes=0, the known versions of this attack are infeasible. However, undiscovered variants of the attack may be independent of that setting.

CVSS3: 6.5
0%
Низкий
около 4 лет назад
debian логотип
CVE-2021-3677

A flaw was found in postgresql. A purpose-crafted query can read arbit ...

CVSS3: 6.5
0%
Низкий
около 4 лет назад
nvd логотип
CVE-2021-23222

A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption.

CVSS3: 5.9
0%
Низкий
около 4 лет назад
debian логотип
CVE-2021-23222

A man-in-the-middle attacker can inject false responses to the client' ...

CVSS3: 5.9
0%
Низкий
около 4 лет назад
ubuntu логотип
CVE-2021-3677

A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include max_worker_processes=0, the known versions of this attack are infeasible. However, undiscovered variants of the attack may be independent of that setting.

CVSS3: 6.5
0%
Низкий
около 4 лет назад
ubuntu логотип
CVE-2021-23222

A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption.

CVSS3: 5.9
0%
Низкий
около 4 лет назад
github логотип
GHSA-vmm8-82m2-pcp5

Use of a Broken or Risky Cryptographic Algorithm in PostgreSQL

CVSS3: 8.1
0%
Низкий
около 4 лет назад
github логотип
GHSA-6v9v-3f4c-cjgx

Untrusted Search Path in PostgreSQL

CVSS3: 7.3
0%
Низкий
около 4 лет назад

Уязвимостей на страницу

Поделиться