VYPR
Unrated severityNVD Advisory· Published Jul 18, 2012· Updated Jun 16, 2026

CVE-2012-0868

CVE-2012-0868

Description

CRLF injection vulnerability in pg_dump in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows user-assisted remote attackers to execute arbitrary SQL commands via a crafted file containing object names with newlines, which are inserted into an SQL script that is used when the database is restored.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

43
  • cpe:2.3:a:postgresql:postgresql:8.3:*:*:*:*:*:*:*+ 39 more
    • cpe:2.3:a:postgresql:postgresql:8.3:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.10:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.11:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.12:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.13:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.14:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.15:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.16:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.17:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.7:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.8:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.9:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.4:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.4.10:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.4.4:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.4.6:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.4.7:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.4.8:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.4.9:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:9.0:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:9.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:9.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:9.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:9.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:9.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:9.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:9.1:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:9.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:9.1.2:*:*:*:*:*:*:*
    • (no CPE)range: >=8.3.0 <8.3.18, >=8.4.0 <8.4.11, >=9.0.0 <9.0.7, >=9.1.0 <9.1.3
  • osv-coords3 versions
    < 9.3.15-1.1+ 2 more
    • (no CPE)range: < 9.3.15-1.1
    • (no CPE)range: < 9.4.10-1.1
    • (no CPE)range: < 9.5.4-1.2

Patches

Vulnerability mechanics

References

14

News mentions

0

No linked articles in our index yet.