rpm package
suse/postgresql12&distro=SUSE Linux Enterprise Module for Package Hub 15 SP2
pkg:rpm/suse/postgresql12&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP2
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-23214 | — | < 12.9-8.26.1 | 12.9-8.26.1 | Mar 4, 2022 | When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encrypt | ||
| CVE-2021-23222 | — | < 12.9-8.26.1 | 12.9-8.26.1 | Mar 2, 2022 | A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption. |
- CVE-2021-23214Mar 4, 2022affected < 12.9-8.26.1fixed 12.9-8.26.1
When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encrypt
- CVE-2021-23222Mar 2, 2022affected < 12.9-8.26.1fixed 12.9-8.26.1
A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption.