Search CVE reports
11 – 20 of 35 results
Some fixes available 3 of 8
PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows remote authenticated users to cause a denial of service (stack consumption and crash) by triggering a failure in the conversion of a localized error message to a...
5 affected packages
postgresql-7.4, postgresql-8.0, postgresql-8.1, postgresql-8.2, postgresql-8.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| postgresql-7.4 | — | — | — | — |
| postgresql-8.0 | — | — | — | — |
| postgresql-8.1 | — | — | — | — |
| postgresql-8.2 | — | — | — | — |
| postgresql-8.3 | — | — | — | — |
Some fixes available 5 of 7
The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via...
2 affected packages
postgresql-8.2, postgresql-8.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| postgresql-8.2 | — | — | — | — |
| postgresql-8.1 | — | — | — | — |
Some fixes available 5 of 7
PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21 uses superuser privileges instead of table owner privileges for (1) VACUUM and (2) ANALYZE operations within index...
2 affected packages
postgresql-8.1, postgresql-8.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| postgresql-8.1 | — | — | — | — |
| postgresql-8.2 | — | — | — | — |
Some fixes available 5 of 7
Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to...
2 affected packages
postgresql-8.1, postgresql-8.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| postgresql-8.1 | — | — | — | — |
| postgresql-8.2 | — | — | — | — |
Some fixes available 5 of 17
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite...
5 affected packages
postgresql-8.1, postgresql-8.2, tcl8.3, tcl8.4, tcl8.5
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| postgresql-8.1 | — | — | — | — |
| postgresql-8.2 | — | — | — | — |
| tcl8.3 | — | — | — | — |
| tcl8.4 | — | — | — | — |
| tcl8.5 | — | — | — | — |
Some fixes available 5 of 7
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend...
2 affected packages
postgresql-8.1, postgresql-8.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| postgresql-8.1 | — | — | — | — |
| postgresql-8.2 | — | — | — | — |
The Database Link library (dblink) in PostgreSQL 8.1 implements functions via CREATE statements that map to arbitrary libraries based on the C programming language, which allows remote authenticated superusers to map and execute a...
2 affected packages
postgresql-8.1, postgresql-8.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| postgresql-8.1 | — | — | — | — |
| postgresql-8.2 | — | — | — | — |
PostgreSQL 8.1 and probably later versions, when the PL/pgSQL (plpgsql) language has been created, grants certain plpgsql privileges to the PUBLIC domain, which allows remote attackers to create and execute functions,...
2 affected packages
postgresql-8.1, postgresql-8.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| postgresql-8.1 | — | — | — | — |
| postgresql-8.2 | — | — | — | — |
PostgreSQL 8.1 and probably later versions, when local trust authentication is enabled and the Database Link library (dblink) is installed, allows remote attackers to access arbitrary accounts and execute arbitrary SQL queries via...
2 affected packages
postgresql-8.1, postgresql-8.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| postgresql-8.1 | — | — | — | — |
| postgresql-8.2 | — | — | — | — |
Some fixes available 6 of 7
Untrusted search path vulnerability in PostgreSQL before 7.3.19, 7.4.x before 7.4.17, 8.0.x before 8.0.13, 8.1.x before 8.1.9, and 8.2.x before 8.2.4 allows remote authenticated users, when permitted to call a SECURITY DEFINER...
2 affected packages
postgresql-8.1, postgresql-8.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| postgresql-8.1 | — | — | — | — |
| postgresql-8.2 | — | — | — | — |