rpm package
suse/postgresql14&distro=SUSE OpenStack Cloud 8
pkg:rpm/suse/postgresql14&distro=SUSE%20OpenStack%20Cloud%208
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-1552 | — | < 14.3-3.9.3 | 14.3-3.9.3 | Aug 31, 2022 | A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protecti | ||
| CVE-2021-23214 | — | < 14.1-3.3.1 | 14.1-3.3.1 | Mar 4, 2022 | When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encrypt | ||
| CVE-2021-23222 | — | < 14.1-3.3.1 | 14.1-3.3.1 | Mar 2, 2022 | A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption. |
- CVE-2022-1552Aug 31, 2022affected < 14.3-3.9.3fixed 14.3-3.9.3
A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protecti
- CVE-2021-23214Mar 4, 2022affected < 14.1-3.3.1fixed 14.1-3.3.1
When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encrypt
- CVE-2021-23222Mar 2, 2022affected < 14.1-3.3.1fixed 14.1-3.3.1
A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption.