Количество 36
Количество 36
BDU:2024-09679
Уязвимость переменных среды PL/Perl системы управления базами данных PostgreSQL, позволяющая нарушителю выполнить произвольный код
ROS-20241211-08
Множественные уязвимости postgresql15-1c
ROS-20241211-07
Множественные уязвимости postgresql-1c
ROS-20241211-06
Множественные уязвимости postgresql16
ROS-20241211-05
Множественные уязвимости postgresql15
ROS-20241211-04
Множественные уязвимости postgresql14
ROS-20241211-03
Множественные уязвимости postgresql13
ROS-20241211-02
Множественные уязвимости postgresql
CVE-2024-10979
Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected.
CVE-2024-10979
Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected.
CVE-2024-10979
Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected.
CVE-2024-10979
CVE-2024-10979
Incorrect control of environment variables in PostgreSQL PL/Perl allow ...
GHSA-2r9h-x757-8j9q
Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected.
ELSA-2024-10882
ELSA-2024-10882: postgresql security update (IMPORTANT)
ELSA-2024-10832
ELSA-2024-10832: postgresql:13 security update (IMPORTANT)
ELSA-2024-10831
ELSA-2024-10831: postgresql:16 security update (IMPORTANT)
ELSA-2024-10830
ELSA-2024-10830: postgresql:15 security update (IMPORTANT)
ELSA-2024-10791
ELSA-2024-10791: postgresql security update (IMPORTANT)
ELSA-2024-10788
ELSA-2024-10788: postgresql:16 security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2024-09679 Уязвимость переменных среды PL/Perl системы управления базами данных PostgreSQL, позволяющая нарушителю выполнить произвольный код | CVSS3: 8.8 | 2% Низкий | 7 месяцев назад |
 | ROS-20241211-08 Множественные уязвимости postgresql15-1c | CVSS3: 8.8 | 6 месяцев назад | |
| ROS-20241211-07 Множественные уязвимости postgresql-1c | CVSS3: 8.8 | 6 месяцев назад | |
| ROS-20241211-06 Множественные уязвимости postgresql16 | CVSS3: 8.8 | 6 месяцев назад | |
| ROS-20241211-05 Множественные уязвимости postgresql15 | CVSS3: 8.8 | 6 месяцев назад | |
| ROS-20241211-04 Множественные уязвимости postgresql14 | CVSS3: 8.8 | 6 месяцев назад | |
| ROS-20241211-03 Множественные уязвимости postgresql13 | CVSS3: 8.8 | 6 месяцев назад | |
| ROS-20241211-02 Множественные уязвимости postgresql | CVSS3: 8.8 | 6 месяцев назад | |
 | CVE-2024-10979 Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. | CVSS3: 8.8 | 2% Низкий | 7 месяцев назад |
 | CVE-2024-10979 Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. | CVSS3: 8.8 | 2% Низкий | 7 месяцев назад |
 | CVE-2024-10979 Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. | CVSS3: 8.8 | 2% Низкий | 7 месяцев назад |
 | CVSS3: 8.8 | 2% Низкий | 7 месяцев назад | |
| CVE-2024-10979 Incorrect control of environment variables in PostgreSQL PL/Perl allow ... | CVSS3: 8.8 | 2% Низкий | 7 месяцев назад |
| GHSA-2r9h-x757-8j9q Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. | CVSS3: 8.8 | 2% Низкий | 7 месяцев назад |
| ELSA-2024-10882 ELSA-2024-10882: postgresql security update (IMPORTANT) | 6 месяцев назад | ||
| ELSA-2024-10832 ELSA-2024-10832: postgresql:13 security update (IMPORTANT) | 7 месяцев назад | ||
| ELSA-2024-10831 ELSA-2024-10831: postgresql:16 security update (IMPORTANT) | 7 месяцев назад | ||
| ELSA-2024-10830 ELSA-2024-10830: postgresql:15 security update (IMPORTANT) | 7 месяцев назад | ||
| ELSA-2024-10791 ELSA-2024-10791: postgresql security update (IMPORTANT) | 6 месяцев назад | ||
| ELSA-2024-10788 ELSA-2024-10788: postgresql:16 security update (IMPORTANT) | 7 месяцев назад |
Уязвимостей на страницу