Download
| Alert*
|
oval:org.secpod.oval:def:508150
PostgreSQL is an advanced object-relational database management system . Security Fix: postgresql: Buffer overrun from integer overflow in array modification postgresql: Memory disclosure in aggregate function calls postgresql: extension script @substitutions@ within quoting allow SQL injection p ... oval:org.secpod.oval:def:3301912 Security update for postgresql15 oval:org.secpod.oval:def:93811 The host is installed with PostgreSQL 11.x before 11.21, 12.x before 12.16, 13.x before 13.12 or 14.x before 14.9, or 15.x before 15.4 and is prone to a SQL injection vulnerability. A flaw is present in the application which fails to properly handle an extension script, if it uses @extowner@, @extsc ... oval:org.secpod.oval:def:89049281 This update for postgresql15 fixes the following issues: * Update to 15.4 * CVE-2023-39417: Fixed potential SQL injection for trusted extensions. * CVE-2023-39418: Fix MERGE to enforce row security oval:org.secpod.oval:def:2600470 PostgreSQL is an advanced object-relational database management system . oval:org.secpod.oval:def:508132 PostgreSQL is an advanced object-relational database management system . Security Fix: postgresql: Buffer overrun from integer overflow in array modification postgresql: Memory disclosure in aggregate function calls postgresql: extension script @substitutions@ within quoting allow SQL injection p ... oval:org.secpod.oval:def:508133 PostgreSQL is an advanced object-relational database management system . Security Fix: postgresql: Buffer overrun from integer overflow in array modification postgresql: Memory disclosure in aggregate function calls postgresql: extension script @substitutions@ within quoting allow SQL injection p ... oval:org.secpod.oval:def:1507231 pgaudit [1.7.0-1] - Update to 1.7.0 - Support postgresql 15 - Related: #2128241 [1.5.0-1] - Update to version 1.5.0 Related: #1855776 pg_repack [1.4.8-1] - Update to version 1.4.8 - Postgresql 15 is supported - Related: #2128241 [1.4.6-4] - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rh ... oval:org.secpod.oval:def:4501516 PostgreSQL is an advanced object-relational database management system . Security Fix: * postgresql: Buffer overrun from integer overflow in array modification * postgresql: Memory disclosure in aggregate function calls * postgresql: extension script @substitutions@ within quoting allow SQL inject ... oval:org.secpod.oval:def:3301860 Security update for postgresql15 oval:org.secpod.oval:def:2501280 PostgreSQL is an advanced object-relational database management system . oval:org.secpod.oval:def:3301885 Security update for postgresql15 oval:org.secpod.oval:def:1507219 pgaudit pg_repack postgres-decoderbufs postgresql oval:org.secpod.oval:def:89049273 This update for postgresql15 fixes the following issues: * Update to 14.9 * CVE-2023-39417: Fixed potential SQL injection for trusted extensions oval:org.secpod.oval:def:92534 postgresql-15: Object-relational SQL database - postgresql-14: Object-relational SQL database - postgresql-12: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:3301848 Security update for postgresql15 oval:org.secpod.oval:def:95389 Several vulnerabilities have been discovered in the PostgreSQL database system. CVE-2023-5868 Jingzhou Fu discovered a memory disclosure flaw in aggregate function calls. CVE-2023-5869 Pedro Gallegos reported integer overflow flaws resulting in buffer overflows in the array modification functions. C ... oval:org.secpod.oval:def:95388 Several vulnerabilities have been discovered in the PostgreSQL database system. CVE-2023-5868 Jingzhou Fu discovered a memory disclosure flaw in aggregate function calls. CVE-2023-5869 Pedro Gallegos reported integer overflow flaws resulting in buffer overflows in the array modification functions. C ... oval:org.secpod.oval:def:93263 postgresql-15: Object-relational SQL database - postgresql-14: Object-relational SQL database - postgresql-12: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:508028 PostgreSQL is an advanced object-relational database management system . Security Fix: postgresql: Buffer overrun from integer overflow in array modification postgresql: Memory disclosure in aggregate function calls postgresql: extension script @substitutions@ within quoting allow SQL injection p ... oval:org.secpod.oval:def:2600462 PostgreSQL is an advanced object-relational database management system . oval:org.secpod.oval:def:708371 postgresql-15: Object-relational SQL database - postgresql-14: Object-relational SQL database - postgresql-12: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:19500378 IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct . If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege ... oval:org.secpod.oval:def:1507182 pgaudit pg_repack postgres-decoderbufs postgresql [13.13-1.0.1] - Fixed postgresql port binding issue during bootup [Orabug: 35103668] [13.13-1] - Update to 13.13 - Fixes: CVE-2023-5868 CVE-2023-5869 CVE-2023-5870 CVE-2023-39417 - Resolves: RHEL-16085 RHEL-16123 oval:org.secpod.oval:def:612798 Several vulnerabilities have been discovered in the PostgreSQL database system. CVE-2023-5868 Jingzhou Fu discovered a memory disclosure flaw in aggregate function calls. CVE-2023-5869 Pedro Gallegos reported integer overflow flaws resulting in buffer overflows in the array modification functions. C ... oval:org.secpod.oval:def:1507203 pgaudit pg_repack postgres-decoderbufs postgresql [15.5-1] - update to 15.5 - Fixes CVE-2023-5868, CVE-2023-5869, CVE-2023-5870, CVE-2023-39417, and CVE-2023-39418 Resolves: RHEL-16100, RHEL-16124, RHEL-16139 oval:org.secpod.oval:def:1701699 IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct . If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege ... oval:org.secpod.oval:def:1701698 IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct . If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege ... oval:org.secpod.oval:def:1701797 IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct . If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege ... oval:org.secpod.oval:def:1507205 [13.13-1.0.1] - Update to 13.13 - Fixes CVE-2023-5868, CVE-2023-5869, CVE-2023-5870, and CVE-2023-39417 oval:org.secpod.oval:def:612797 Several vulnerabilities have been discovered in the PostgreSQL database system. CVE-2023-5868 Jingzhou Fu discovered a memory disclosure flaw in aggregate function calls. CVE-2023-5869 Pedro Gallegos reported integer overflow flaws resulting in buffer overflows in the array modification functions. C ... oval:org.secpod.oval:def:2501290 PostgreSQL is an advanced object-relational database management system . oval:org.secpod.oval:def:89049279 This update for postgresql15 fixes the following issues: * Update to 15.4 * CVE-2023-39417: Fixed potential SQL injection for trusted extensions. * CVE-2023-39418: Fix MERGE to enforce row security oval:org.secpod.oval:def:2501292 PostgreSQL is an advanced object-relational database management system . oval:org.secpod.oval:def:89049277 This update for postgresql12 fixes the following issues: * Update to 12.16 * CVE-2023-39417: Fixed potential SQL injection for trusted extensions oval:org.secpod.oval:def:89049276 This update for postgresql15 fixes the following issues: * Update to 14.9 * CVE-2023-39417: Fixed potential SQL injection for trusted extensions oval:org.secpod.oval:def:89049275 This update for postgresql15 fixes the following issues: * Update to 13.12 * CVE-2023-39417: Fixed potential SQL injection for trusted extensions oval:org.secpod.oval:def:1701793 IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct . If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege ... oval:org.secpod.oval:def:89049274 This update for postgresql12 fixes the following issues: This update for postgresql12 fixes the following issues: * CVE-2023-39417: Fixed potential SQL injection for trusted extensions . oval:org.secpod.oval:def:1507353 pgaudit pg_repack postgres-decoderbufs postgresql [15.6-1] - update to 15.6 - Fixes CVE-2024-0985 [15.5-1] - update to 15.5 - Fixes CVE-2023-5868, CVE-2023-5869, CVE-2023-5870, CVE-2023-39417, and CVE-2023-39418 Resolves: RHEL-16100, RHEL-16124, RHEL-16139 [15.3-1] - update to 15.3 - Fixes CVE-2023- ... |
