VYPR

rpm package

suse/postgresql-init&distro=SUSE Linux Enterprise Server for SAP Applications 12

pkg:rpm/suse/postgresql-init&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012

Vulnerabilities (2)

  • CVE-2015-5289Oct 26, 2015
    affected < 9.4-17.8.1fixed 9.4-17.8.1

    Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service (server crash) via unspecified vectors, which are not properly handled in (1) json or (2) jsonb values.

  • CVE-2015-5288Oct 26, 2015
    affected < 9.4-17.8.1fixed 9.4-17.8.1

    The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and 9.4.x before 9.4.5 allows attackers to cause a denial of service (server crash) or read arbitrary server memory via a "too-short" salt.