Search CVE reports
11 – 14 of 14 results
INSERT ... ON CONFLICT DO UPDATE commands in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, and 9.5.x before 9.5.10 disclose table contents that the invoker lacks privilege to read. These exploits affect only tables where the...
5 affected packages
postgresql-9.1, postgresql-10, postgresql-9.3, postgresql-9.5, postgresql-9.6
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| postgresql-9.1 | — | — | — | — |
| postgresql-10 | — | — | — | — |
| postgresql-9.3 | — | — | — | — |
| postgresql-9.5 | — | — | — | — |
| postgresql-9.6 | — | — | — | — |
Invalid json_populate_recordset or jsonb_populate_recordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, and 9.3.x before 9.3.20 can crash the server or disclose a...
5 affected packages
postgresql-9.3, postgresql-9.5, postgresql-9.6, postgresql-10, postgresql-9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| postgresql-9.3 | — | — | — | Not in release |
| postgresql-9.5 | — | — | — | Not in release |
| postgresql-9.6 | — | — | — | Not in release |
| postgresql-10 | — | — | — | Not affected |
| postgresql-9.1 | — | — | — | Not in release |
A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root.
5 affected packages
postgresql-9.1, postgresql-10, postgresql-9.3, postgresql-9.5, postgresql-9.6
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| postgresql-9.1 | — | — | — | — |
| postgresql-10 | — | — | — | — |
| postgresql-9.3 | — | — | — | — |
| postgresql-9.5 | — | — | — | — |
| postgresql-9.6 | — | — | — | — |
PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24 runs under a non-root operating system account, and database superusers have effective ability...
4 affected packages
postgresql-9.1, postgresql-9.3, postgresql-9.5, postgresql-9.6
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| postgresql-9.1 | — | — | — | — |
| postgresql-9.3 | — | — | — | — |
| postgresql-9.5 | — | — | — | — |
| postgresql-9.6 | — | — | — | — |