Количество 59
Количество 59
ELSA-2023-7784
ELSA-2023-7784: postgresql security update (IMPORTANT)
ELSA-2023-7714
ELSA-2023-7714: postgresql:12 security update (IMPORTANT)
ELSA-2023-7581
ELSA-2023-7581: postgresql:13 security update (IMPORTANT)
ELSA-2023-7884
ELSA-2023-7884: postgresql:15 security update (IMPORTANT)
ELSA-2023-7785
ELSA-2023-7785: postgresql:15 security update (IMPORTANT)
ROS-20240329-12
Множественные уязвимости postgresql13
ROS-20240329-11
Множественные уязвимости postgresql
SUSE-SU-2024:0106-1
Security update for postgresql, postgresql15, postgresql16
SUSE-SU-2023:4495-1
Security update for postgresql, postgresql15, postgresql16
SUSE-SU-2023:4479-1
Security update for postgresql14
SUSE-SU-2023:4455-1
Security update for postgresql13
SUSE-SU-2023:4454-1
Security update for postgresql12
SUSE-SU-2023:4434-1
Security update for postgresql13
SUSE-SU-2023:4433-1
Security update for postgresql12
SUSE-SU-2023:4425-1
Security update for postgresql, postgresql15, postgresql16
SUSE-SU-2023:4418-1
Security update for postgresql14
ROS-20240329-13
Множественные уязвимости postgresql14
CVE-2023-39417
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser.
CVE-2023-39417
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser.
CVE-2023-39417
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| ELSA-2023-7784 ELSA-2023-7784: postgresql security update (IMPORTANT) | больше 1 года назад | ||
| ELSA-2023-7714 ELSA-2023-7714: postgresql:12 security update (IMPORTANT) | больше 1 года назад | ||
| ELSA-2023-7581 ELSA-2023-7581: postgresql:13 security update (IMPORTANT) | больше 1 года назад | ||
| ELSA-2023-7884 ELSA-2023-7884: postgresql:15 security update (IMPORTANT) | больше 1 года назад | ||
| ELSA-2023-7785 ELSA-2023-7785: postgresql:15 security update (IMPORTANT) | больше 1 года назад | ||
 | ROS-20240329-12 Множественные уязвимости postgresql13 | CVSS3: 8.8 | около 1 года назад | |
| ROS-20240329-11 Множественные уязвимости postgresql | CVSS3: 8.8 | около 1 года назад | |
 | SUSE-SU-2024:0106-1 Security update for postgresql, postgresql15, postgresql16 | больше 1 года назад | ||
| SUSE-SU-2023:4495-1 Security update for postgresql, postgresql15, postgresql16 | больше 1 года назад | ||
| SUSE-SU-2023:4479-1 Security update for postgresql14 | больше 1 года назад | ||
| SUSE-SU-2023:4455-1 Security update for postgresql13 | больше 1 года назад | ||
| SUSE-SU-2023:4454-1 Security update for postgresql12 | больше 1 года назад | ||
| SUSE-SU-2023:4434-1 Security update for postgresql13 | больше 1 года назад | ||
| SUSE-SU-2023:4433-1 Security update for postgresql12 | больше 1 года назад | ||
| SUSE-SU-2023:4425-1 Security update for postgresql, postgresql15, postgresql16 | больше 1 года назад | ||
| SUSE-SU-2023:4418-1 Security update for postgresql14 | больше 1 года назад | ||
| ROS-20240329-13 Множественные уязвимости postgresql14 | CVSS3: 8.8 | около 1 года назад | |
 | CVE-2023-39417 IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser. | CVSS3: 7.5 | 1% Низкий | почти 2 года назад |
 | CVE-2023-39417 IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser. | CVSS3: 7.5 | 1% Низкий | почти 2 года назад |
 | CVE-2023-39417 IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser. | CVSS3: 7.5 | 1% Низкий | почти 2 года назад |
Уязвимостей на страницу