Количество 42
Количество 42
BDU:2024-09679
Уязвимость переменных среды PL/Perl системы управления базами данных PostgreSQL, позволяющая нарушителю выполнить произвольный код
ROS-20241211-08
Множественные уязвимости postgresql15-1c
ROS-20241211-07
Множественные уязвимости postgresql-1c
ROS-20241211-06
Множественные уязвимости postgresql16
ROS-20241211-05
Множественные уязвимости postgresql15
ROS-20241211-04
Множественные уязвимости postgresql14
ROS-20241211-03
Множественные уязвимости postgresql13
ROS-20241211-02
Множественные уязвимости postgresql
CVE-2024-10979
Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected.
CVE-2024-10979
Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected.
CVE-2024-10979
Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected.
CVE-2024-10979
PostgreSQL PL/Perl environment variable changes execute arbitrary code
CVE-2024-10979
Incorrect control of environment variables in PostgreSQL PL/Perl allow ...
GHSA-2r9h-x757-8j9q
Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected.
ELSA-2024-10882
ELSA-2024-10882: postgresql security update (IMPORTANT)
RLSA-2024:10832
Important: postgresql:13 security update
RLSA-2024:10831
Important: postgresql:16 security update
RLSA-2024:10830
Important: postgresql:15 security update
RLSA-2024:10788
Important: postgresql:16 security update
RLSA-2024:10787
Important: postgresql:15 security update
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2024-09679 Уязвимость переменных среды PL/Perl системы управления базами данных PostgreSQL, позволяющая нарушителю выполнить произвольный код | CVSS3: 8.8 | 16% Средний | около 1 года назад |
 | ROS-20241211-08 Множественные уязвимости postgresql15-1c | CVSS3: 8.8 | около 1 года назад | |
| ROS-20241211-07 Множественные уязвимости postgresql-1c | CVSS3: 8.8 | около 1 года назад | |
| ROS-20241211-06 Множественные уязвимости postgresql16 | CVSS3: 8.8 | около 1 года назад | |
| ROS-20241211-05 Множественные уязвимости postgresql15 | CVSS3: 8.8 | около 1 года назад | |
| ROS-20241211-04 Множественные уязвимости postgresql14 | CVSS3: 8.8 | около 1 года назад | |
| ROS-20241211-03 Множественные уязвимости postgresql13 | CVSS3: 8.8 | около 1 года назад | |
| ROS-20241211-02 Множественные уязвимости postgresql | CVSS3: 8.8 | около 1 года назад | |
 | CVE-2024-10979 Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. | CVSS3: 8.8 | 16% Средний | около 1 года назад |
 | CVE-2024-10979 Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. | CVSS3: 8.8 | 16% Средний | около 1 года назад |
 | CVE-2024-10979 Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. | CVSS3: 8.8 | 16% Средний | около 1 года назад |
 | CVE-2024-10979 PostgreSQL PL/Perl environment variable changes execute arbitrary code | CVSS3: 8.8 | 16% Средний | около 1 года назад |
| CVE-2024-10979 Incorrect control of environment variables in PostgreSQL PL/Perl allow ... | CVSS3: 8.8 | 16% Средний | около 1 года назад |
| GHSA-2r9h-x757-8j9q Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. | CVSS3: 8.8 | 16% Средний | около 1 года назад |
| ELSA-2024-10882 ELSA-2024-10882: postgresql security update (IMPORTANT) | 12 месяцев назад | ||
 | RLSA-2024:10832 Important: postgresql:13 security update | около 1 года назад | ||
| RLSA-2024:10831 Important: postgresql:16 security update | около 1 года назад | ||
| RLSA-2024:10830 Important: postgresql:15 security update | около 1 года назад | ||
| RLSA-2024:10788 Important: postgresql:16 security update | около 1 года назад | ||
| RLSA-2024:10787 Important: postgresql:15 security update | около 1 года назад |
Уязвимостей на страницу