VYPR

rpm package

suse/postgresql14&distro=SUSE Linux Enterprise Module for Server Applications 15 SP2

pkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP2

Vulnerabilities (2)

  • CVE-2021-23214Mar 4, 2022
    affected < 14.1-5.6.1fixed 14.1-5.6.1

    When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encrypt

  • CVE-2021-23222Mar 2, 2022
    affected < 14.1-5.6.1fixed 14.1-5.6.1

    A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption.