VYPR

rpm package

suse/postgresql15&distro=SUSE Linux Enterprise Real Time 15 SP3

pkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3

Vulnerabilities (3)

  • CVE-2023-2455Jun 9, 2023
    affected < 15.3-150200.5.9.1fixed 15.3-150200.5.9.1

    Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happe

  • CVE-2023-2454Jun 9, 2023
    affected < 15.3-150200.5.9.1fixed 15.3-150200.5.9.1

    schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code.

  • CVE-2022-41862Mar 3, 2023
    affected < 15.2-150200.5.6.1fixed 15.2-150200.5.6.1

    In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.