Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-10209 (GCVE-0-2019-10209)
Vulnerability from cvelistv5
Published
2019-10-29 13:11
Modified
2024-08-04 22:17
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10209 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://www.postgresql.org/about/news/1960/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10209 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.postgresql.org/about/news/1960/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PostgreSQL | postgresql |
Version: all 11.x before 11.5 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:17:20.096Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10209"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.postgresql.org/about/news/1960/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "postgresql",
"vendor": "PostgreSQL",
"versions": [
{
"status": "affected",
"version": "all 11.x before 11.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-29T13:11:45",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10209"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.postgresql.org/about/news/1960/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2019-10209",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "postgresql",
"version": {
"version_data": [
{
"version_value": "all 11.x before 11.5"
}
]
}
}
]
},
"vendor_name": "PostgreSQL"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "3.1/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10209",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10209"
},
{
"name": "https://www.postgresql.org/about/news/1960/",
"refsource": "CONFIRM",
"url": "https://www.postgresql.org/about/news/1960/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2019-10209",
"datePublished": "2019-10-29T13:11:45",
"dateReserved": "2019-03-27T00:00:00",
"dateUpdated": "2024-08-04T22:17:20.096Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2019-10209\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2019-10-29T19:15:16.250\",\"lastModified\":\"2024-11-21T04:18:39.610\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan.\"},{\"lang\":\"es\",\"value\":\"Postgresql, versiones 11.x anteriores a 11.5, es vulnerable a una divulgaci\u00f3n de memoria en comparaci\u00f3n de tipo cruzada para un subplan de hash.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":2.2,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":0.7,\"impactScore\":1.4}],\"cvssMetricV30\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":3.1,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.6,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:S/C:P/I:N/A:N\",\"baseScore\":3.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":6.8,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"},{\"lang\":\"en\",\"value\":\"CWE-200\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0\",\"versionEndExcluding\":\"11.5\",\"matchCriteriaId\":\"5D4F2F01-FAA1-418D-8FD7-CAABA183BB19\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10209\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://www.postgresql.org/about/news/1960/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10209\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://www.postgresql.org/about/news/1960/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
fkie_cve-2019-10209
Vulnerability from fkie_nvd
Published
2019-10-29 19:15
Modified
2024-11-21 04:18
Severity ?
Summary
Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10209 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://www.postgresql.org/about/news/1960/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10209 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.postgresql.org/about/news/1960/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| postgresql | postgresql | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D4F2F01-FAA1-418D-8FD7-CAABA183BB19",
"versionEndExcluding": "11.5",
"versionStartIncluding": "11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan."
},
{
"lang": "es",
"value": "Postgresql, versiones 11.x anteriores a 11.5, es vulnerable a una divulgaci\u00f3n de memoria en comparaci\u00f3n de tipo cruzada para un subplan de hash."
}
],
"id": "CVE-2019-10209",
"lastModified": "2024-11-21T04:18:39.610",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4,
"source": "secalert@redhat.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.2,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-29T19:15:16.250",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10209"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.postgresql.org/about/news/1960/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10209"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.postgresql.org/about/news/1960/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
ghsa-w4g8-53rg-h648
Vulnerability from github
Published
2022-05-24 17:00
Modified
2024-04-04 02:35
Severity ?
VLAI Severity ?
Details
Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan.
{
"affected": [],
"aliases": [
"CVE-2019-10209"
],
"database_specific": {
"cwe_ids": [
"CWE-125"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-10-29T19:15:00Z",
"severity": "LOW"
},
"details": "Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan.",
"id": "GHSA-w4g8-53rg-h648",
"modified": "2024-04-04T02:35:49Z",
"published": "2022-05-24T17:00:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10209"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10209"
},
{
"type": "WEB",
"url": "https://www.postgresql.org/about/news/1960"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
wid-sec-w-2022-1380
Vulnerability from csaf_certbund
Published
2019-08-08 22:00
Modified
2024-12-23 23:00
Summary
PostgreSQL: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
PostgreSQL ist eine frei verfügbare Datenbank für unterschiedliche Betriebssysteme.
Angriff
Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in PostgreSQL ausnutzen, um seine Privilegien zu erhöhen, um Informationen offenzulegen und um die Konfiguration zu manipulieren.
Betroffene Betriebssysteme
- Linux
- MacOS X
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "PostgreSQL ist eine frei verf\u00fcgbare Datenbank f\u00fcr unterschiedliche Betriebssysteme.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in PostgreSQL ausnutzen, um seine Privilegien zu erh\u00f6hen, um Informationen offenzulegen und um die Konfiguration zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- MacOS X\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-1380 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2019/wid-sec-w-2022-1380.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-1380 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1380"
},
{
"category": "external",
"summary": "PostgreSQL Release Notes vom 2019-08-08",
"url": "https://www.postgresql.org/about/news/1960/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4090-1 vom 2019-08-09",
"url": "https://usn.ubuntu.com/4090-1/"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-4492 vom 2019-08-08",
"url": "https://www.debian.org/security/2019/dsa-4492"
},
{
"category": "external",
"summary": "Arch Linux Security Advisory ASA-201908-7 vom 2019-08-10",
"url": "https://security.archlinux.org/ASA-201908-7"
},
{
"category": "external",
"summary": "Arch Linux Security Advisory ASA-201908-8 vom 2019-08-10",
"url": "https://security.archlinux.org/ASA-201908-8"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2159-1 vom 2019-08-22",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192159-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2228-1 vom 2019-08-28",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192228-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2158-1 vom 2019-09-07",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192158-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2707-1 vom 2019-10-18",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192707-1/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:3669 vom 2020-09-08",
"url": "https://access.redhat.com/errata/RHSA-2020:3669"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:4295 vom 2020-10-21",
"url": "https://access.redhat.com/errata/RHSA-2020:4295"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:5619 vom 2020-12-17",
"url": "https://access.redhat.com/errata/RHSA-2020:5619"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:5661 vom 2020-12-22",
"url": "https://access.redhat.com/errata/RHSA-2020:5661"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:5664 vom 2020-12-22",
"url": "https://access.redhat.com/errata/RHSA-2020:5664"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2020-5619 vom 2020-12-23",
"url": "http://linux.oracle.com/errata/ELSA-2020-5619-1.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0164 vom 2021-01-18",
"url": "https://access.redhat.com/errata/RHSA-2021:0164"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0167 vom 2021-01-18",
"url": "https://access.redhat.com/errata/RHSA-2021:0167"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0166 vom 2021-01-18",
"url": "https://access.redhat.com/errata/RHSA-2021:0166"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:1512 vom 2021-05-06",
"url": "https://access.redhat.com/errata/RHSA-2021:1512"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-1512 vom 2021-05-06",
"url": "https://linux.oracle.com/errata/ELSA-2021-1512.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-9290 vom 2021-06-11",
"url": "https://linux.oracle.com/errata/ELSA-2021-9290.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2021-1665 vom 2021-06-23",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2021-1665.html"
},
{
"category": "external",
"summary": "Dell Security Advisory",
"url": "https://www.dell.com/support/kbdoc/de-de/000202875"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-10882 vom 2024-12-24",
"url": "https://linux.oracle.com/errata/ELSA-2024-10882.html"
}
],
"source_lang": "en-US",
"title": "PostgreSQL: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-12-23T23:00:00.000+00:00",
"generator": {
"date": "2024-12-24T10:02:33.475+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2022-1380",
"initial_release_date": "2019-08-08T22:00:00.000+00:00",
"revision_history": [
{
"date": "2019-08-08T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2019-08-08T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2019-08-11T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Arch Linux und Fedora aufgenommen"
},
{
"date": "2019-08-21T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-08-28T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-09-08T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-10-17T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2020-09-07T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-10-21T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-12-17T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-12-21T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-12-22T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2021-01-17T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-01-18T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-05-05T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-05-06T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2021-06-13T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2021-06-23T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2022-09-12T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von EMC aufgenommen"
},
{
"date": "2024-12-23T23:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Oracle Linux aufgenommen"
}
],
"status": "final",
"version": "20"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c19.7.0.1",
"product": {
"name": "EMC NetWorker \u003c19.7.0.1",
"product_id": "T024541"
}
},
{
"category": "product_version",
"name": "19.7.0.1",
"product": {
"name": "EMC NetWorker 19.7.0.1",
"product_id": "T024541-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:emc:networker:19.7.0.1"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
}
],
"category": "vendor",
"name": "EMC"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Arch Linux",
"product": {
"name": "Open Source Arch Linux",
"product_id": "T013312",
"product_identification_helper": {
"cpe": "cpe:/o:archlinux:archlinux:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c11.5",
"product": {
"name": "Open Source PostgreSQL \u003c11.5",
"product_id": "T014804"
}
},
{
"category": "product_version",
"name": "11.5",
"product": {
"name": "Open Source PostgreSQL 11.5",
"product_id": "T014804-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:postgresql:postgresql:11.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.10",
"product": {
"name": "Open Source PostgreSQL \u003c10.10",
"product_id": "T014805"
}
},
{
"category": "product_version",
"name": "10.1",
"product": {
"name": "Open Source PostgreSQL 10.10",
"product_id": "T014805-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:postgresql:postgresql:10.10"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.6.15",
"product": {
"name": "Open Source PostgreSQL \u003c9.6.15",
"product_id": "T014806"
}
},
{
"category": "product_version",
"name": "9.6.15",
"product": {
"name": "Open Source PostgreSQL 9.6.15",
"product_id": "T014806-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:postgresql:postgresql:9.6.15"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.5.19",
"product": {
"name": "Open Source PostgreSQL \u003c9.5.19",
"product_id": "T014807"
}
},
{
"category": "product_version",
"name": "9.5.19",
"product": {
"name": "Open Source PostgreSQL 9.5.19",
"product_id": "T014807-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:postgresql:postgresql:9.5.19"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.4.24",
"product": {
"name": "Open Source PostgreSQL \u003c9.4.24",
"product_id": "T014808"
}
},
{
"category": "product_version",
"name": "9.4.24",
"product": {
"name": "Open Source PostgreSQL 9.4.24",
"product_id": "T014808-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:postgresql:postgresql:9.4.24"
}
}
}
],
"category": "product_name",
"name": "PostgreSQL"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-10208",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in PostgreSQL bez\u00fcglich \"SECURITY DEFINER\" Funktionen, wenn diese einen nicht exakten \"Argument Type Match\" haben. Ein Angreifer mit der Berechtigung, eine solche Funktion auszuf\u00fchren, kann dies mit den Rechten des Funktionsbesitzers tun und somit seine Rechte erweitern."
}
],
"product_status": {
"known_affected": [
"T014806",
"T014805",
"T014804",
"67646",
"T013312",
"T004914",
"2951",
"T002207",
"T000126",
"T024541",
"398363",
"T014808",
"T014807"
]
},
"release_date": "2019-08-08T22:00:00.000+00:00",
"title": "CVE-2019-10208"
},
{
"cve": "CVE-2019-10209",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in PostgreSQL, wenn die Datenbank speziell gestaltete, benutzerdefinierte Vergleichsoperatoren enth\u00e4lt. Ein Angreifer kann diese ausnutzen, um Speicherbereiche des Servers offenzulegen."
}
],
"product_status": {
"known_affected": [
"T014806",
"T014805",
"T014804",
"67646",
"T013312",
"T004914",
"2951",
"T002207",
"T000126",
"T024541",
"398363",
"T014808",
"T014807"
]
},
"release_date": "2019-08-08T22:00:00.000+00:00",
"title": "CVE-2019-10209"
},
{
"cve": "CVE-2019-10210",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in PostgreSQL bez\u00fcglich des EnterpriseDB Windows Installationsprogramms. W\u00e4hrend des Installationsvorgangs wird das Superuser Passwort im Klartext in eine tempor\u00e4re Datei geschrieben. Die Datei wird zwar wieder gel\u00f6scht, jedoch kann ein Angreifer w\u00e4hrend des Installationsvorgangs auf diese Datei zugreifen und so das Passwort offenlegen."
}
],
"product_status": {
"known_affected": [
"T014806",
"T014805",
"T014804",
"67646",
"T013312",
"T004914",
"2951",
"T002207",
"T000126",
"T024541",
"398363",
"T014808",
"T014807"
]
},
"release_date": "2019-08-08T22:00:00.000+00:00",
"title": "CVE-2019-10210"
},
{
"cve": "CVE-2019-10211",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in PostgreSQL bez\u00fcglich des EnterpriseDB Windows Installationsprogramms. Die mit dem Installer ausgelieferte OpenSSL Version wird in einem ungesch\u00fctzten Verzeichnis ausgef\u00fchrt. Ein lokaler Angreifer, der vor dem Installationsvorgang dieses Verzeichnis anlegt und dort eine speziell gestaltete OpenSSL Konfigurationsdatei ablegt, kann die SSL Konfiguation der zu installierenden Datenbank beeinflussen."
}
],
"product_status": {
"known_affected": [
"T014806",
"T014805",
"T014804",
"67646",
"T013312",
"T004914",
"2951",
"T002207",
"T000126",
"T024541",
"398363",
"T014808",
"T014807"
]
},
"release_date": "2019-08-08T22:00:00.000+00:00",
"title": "CVE-2019-10211"
}
]
}
opensuse-su-2024:11185-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
postgresql11-11.13-1.3 on GA media
Notes
Title of the patch
postgresql11-11.13-1.3 on GA media
Description of the patch
These are all security issues fixed in the postgresql11-11.13-1.3 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-11185
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "postgresql11-11.13-1.3 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the postgresql11-11.13-1.3 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-11185",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11185-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10925 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16850 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10129 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10129/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10130 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10164 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10164/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10208 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10209 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10209/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-14349 page",
"url": "https://www.suse.com/security/cve/CVE-2020-14349/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-14350 page",
"url": "https://www.suse.com/security/cve/CVE-2020-14350/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-1720 page",
"url": "https://www.suse.com/security/cve/CVE-2020-1720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25694 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25694/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25695 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25696 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32027 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32027/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32028 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32029 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32029/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3393 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3393/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3677 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3677/"
}
],
"title": "postgresql11-11.13-1.3 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:11185-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "postgresql11-11.13-1.3.aarch64",
"product": {
"name": "postgresql11-11.13-1.3.aarch64",
"product_id": "postgresql11-11.13-1.3.aarch64"
}
},
{
"category": "product_version",
"name": "postgresql11-contrib-11.13-1.3.aarch64",
"product": {
"name": "postgresql11-contrib-11.13-1.3.aarch64",
"product_id": "postgresql11-contrib-11.13-1.3.aarch64"
}
},
{
"category": "product_version",
"name": "postgresql11-devel-11.13-1.3.aarch64",
"product": {
"name": "postgresql11-devel-11.13-1.3.aarch64",
"product_id": "postgresql11-devel-11.13-1.3.aarch64"
}
},
{
"category": "product_version",
"name": "postgresql11-docs-11.13-1.3.aarch64",
"product": {
"name": "postgresql11-docs-11.13-1.3.aarch64",
"product_id": "postgresql11-docs-11.13-1.3.aarch64"
}
},
{
"category": "product_version",
"name": "postgresql11-llvmjit-11.13-1.3.aarch64",
"product": {
"name": "postgresql11-llvmjit-11.13-1.3.aarch64",
"product_id": "postgresql11-llvmjit-11.13-1.3.aarch64"
}
},
{
"category": "product_version",
"name": "postgresql11-plperl-11.13-1.3.aarch64",
"product": {
"name": "postgresql11-plperl-11.13-1.3.aarch64",
"product_id": "postgresql11-plperl-11.13-1.3.aarch64"
}
},
{
"category": "product_version",
"name": "postgresql11-plpython-11.13-1.3.aarch64",
"product": {
"name": "postgresql11-plpython-11.13-1.3.aarch64",
"product_id": "postgresql11-plpython-11.13-1.3.aarch64"
}
},
{
"category": "product_version",
"name": "postgresql11-pltcl-11.13-1.3.aarch64",
"product": {
"name": "postgresql11-pltcl-11.13-1.3.aarch64",
"product_id": "postgresql11-pltcl-11.13-1.3.aarch64"
}
},
{
"category": "product_version",
"name": "postgresql11-server-11.13-1.3.aarch64",
"product": {
"name": "postgresql11-server-11.13-1.3.aarch64",
"product_id": "postgresql11-server-11.13-1.3.aarch64"
}
},
{
"category": "product_version",
"name": "postgresql11-server-devel-11.13-1.3.aarch64",
"product": {
"name": "postgresql11-server-devel-11.13-1.3.aarch64",
"product_id": "postgresql11-server-devel-11.13-1.3.aarch64"
}
},
{
"category": "product_version",
"name": "postgresql11-test-11.13-1.3.aarch64",
"product": {
"name": "postgresql11-test-11.13-1.3.aarch64",
"product_id": "postgresql11-test-11.13-1.3.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "postgresql11-11.13-1.3.ppc64le",
"product": {
"name": "postgresql11-11.13-1.3.ppc64le",
"product_id": "postgresql11-11.13-1.3.ppc64le"
}
},
{
"category": "product_version",
"name": "postgresql11-contrib-11.13-1.3.ppc64le",
"product": {
"name": "postgresql11-contrib-11.13-1.3.ppc64le",
"product_id": "postgresql11-contrib-11.13-1.3.ppc64le"
}
},
{
"category": "product_version",
"name": "postgresql11-devel-11.13-1.3.ppc64le",
"product": {
"name": "postgresql11-devel-11.13-1.3.ppc64le",
"product_id": "postgresql11-devel-11.13-1.3.ppc64le"
}
},
{
"category": "product_version",
"name": "postgresql11-docs-11.13-1.3.ppc64le",
"product": {
"name": "postgresql11-docs-11.13-1.3.ppc64le",
"product_id": "postgresql11-docs-11.13-1.3.ppc64le"
}
},
{
"category": "product_version",
"name": "postgresql11-llvmjit-11.13-1.3.ppc64le",
"product": {
"name": "postgresql11-llvmjit-11.13-1.3.ppc64le",
"product_id": "postgresql11-llvmjit-11.13-1.3.ppc64le"
}
},
{
"category": "product_version",
"name": "postgresql11-plperl-11.13-1.3.ppc64le",
"product": {
"name": "postgresql11-plperl-11.13-1.3.ppc64le",
"product_id": "postgresql11-plperl-11.13-1.3.ppc64le"
}
},
{
"category": "product_version",
"name": "postgresql11-plpython-11.13-1.3.ppc64le",
"product": {
"name": "postgresql11-plpython-11.13-1.3.ppc64le",
"product_id": "postgresql11-plpython-11.13-1.3.ppc64le"
}
},
{
"category": "product_version",
"name": "postgresql11-pltcl-11.13-1.3.ppc64le",
"product": {
"name": "postgresql11-pltcl-11.13-1.3.ppc64le",
"product_id": "postgresql11-pltcl-11.13-1.3.ppc64le"
}
},
{
"category": "product_version",
"name": "postgresql11-server-11.13-1.3.ppc64le",
"product": {
"name": "postgresql11-server-11.13-1.3.ppc64le",
"product_id": "postgresql11-server-11.13-1.3.ppc64le"
}
},
{
"category": "product_version",
"name": "postgresql11-server-devel-11.13-1.3.ppc64le",
"product": {
"name": "postgresql11-server-devel-11.13-1.3.ppc64le",
"product_id": "postgresql11-server-devel-11.13-1.3.ppc64le"
}
},
{
"category": "product_version",
"name": "postgresql11-test-11.13-1.3.ppc64le",
"product": {
"name": "postgresql11-test-11.13-1.3.ppc64le",
"product_id": "postgresql11-test-11.13-1.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "postgresql11-11.13-1.3.s390x",
"product": {
"name": "postgresql11-11.13-1.3.s390x",
"product_id": "postgresql11-11.13-1.3.s390x"
}
},
{
"category": "product_version",
"name": "postgresql11-contrib-11.13-1.3.s390x",
"product": {
"name": "postgresql11-contrib-11.13-1.3.s390x",
"product_id": "postgresql11-contrib-11.13-1.3.s390x"
}
},
{
"category": "product_version",
"name": "postgresql11-devel-11.13-1.3.s390x",
"product": {
"name": "postgresql11-devel-11.13-1.3.s390x",
"product_id": "postgresql11-devel-11.13-1.3.s390x"
}
},
{
"category": "product_version",
"name": "postgresql11-docs-11.13-1.3.s390x",
"product": {
"name": "postgresql11-docs-11.13-1.3.s390x",
"product_id": "postgresql11-docs-11.13-1.3.s390x"
}
},
{
"category": "product_version",
"name": "postgresql11-llvmjit-11.13-1.3.s390x",
"product": {
"name": "postgresql11-llvmjit-11.13-1.3.s390x",
"product_id": "postgresql11-llvmjit-11.13-1.3.s390x"
}
},
{
"category": "product_version",
"name": "postgresql11-plperl-11.13-1.3.s390x",
"product": {
"name": "postgresql11-plperl-11.13-1.3.s390x",
"product_id": "postgresql11-plperl-11.13-1.3.s390x"
}
},
{
"category": "product_version",
"name": "postgresql11-plpython-11.13-1.3.s390x",
"product": {
"name": "postgresql11-plpython-11.13-1.3.s390x",
"product_id": "postgresql11-plpython-11.13-1.3.s390x"
}
},
{
"category": "product_version",
"name": "postgresql11-pltcl-11.13-1.3.s390x",
"product": {
"name": "postgresql11-pltcl-11.13-1.3.s390x",
"product_id": "postgresql11-pltcl-11.13-1.3.s390x"
}
},
{
"category": "product_version",
"name": "postgresql11-server-11.13-1.3.s390x",
"product": {
"name": "postgresql11-server-11.13-1.3.s390x",
"product_id": "postgresql11-server-11.13-1.3.s390x"
}
},
{
"category": "product_version",
"name": "postgresql11-server-devel-11.13-1.3.s390x",
"product": {
"name": "postgresql11-server-devel-11.13-1.3.s390x",
"product_id": "postgresql11-server-devel-11.13-1.3.s390x"
}
},
{
"category": "product_version",
"name": "postgresql11-test-11.13-1.3.s390x",
"product": {
"name": "postgresql11-test-11.13-1.3.s390x",
"product_id": "postgresql11-test-11.13-1.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "postgresql11-11.13-1.3.x86_64",
"product": {
"name": "postgresql11-11.13-1.3.x86_64",
"product_id": "postgresql11-11.13-1.3.x86_64"
}
},
{
"category": "product_version",
"name": "postgresql11-contrib-11.13-1.3.x86_64",
"product": {
"name": "postgresql11-contrib-11.13-1.3.x86_64",
"product_id": "postgresql11-contrib-11.13-1.3.x86_64"
}
},
{
"category": "product_version",
"name": "postgresql11-devel-11.13-1.3.x86_64",
"product": {
"name": "postgresql11-devel-11.13-1.3.x86_64",
"product_id": "postgresql11-devel-11.13-1.3.x86_64"
}
},
{
"category": "product_version",
"name": "postgresql11-docs-11.13-1.3.x86_64",
"product": {
"name": "postgresql11-docs-11.13-1.3.x86_64",
"product_id": "postgresql11-docs-11.13-1.3.x86_64"
}
},
{
"category": "product_version",
"name": "postgresql11-llvmjit-11.13-1.3.x86_64",
"product": {
"name": "postgresql11-llvmjit-11.13-1.3.x86_64",
"product_id": "postgresql11-llvmjit-11.13-1.3.x86_64"
}
},
{
"category": "product_version",
"name": "postgresql11-plperl-11.13-1.3.x86_64",
"product": {
"name": "postgresql11-plperl-11.13-1.3.x86_64",
"product_id": "postgresql11-plperl-11.13-1.3.x86_64"
}
},
{
"category": "product_version",
"name": "postgresql11-plpython-11.13-1.3.x86_64",
"product": {
"name": "postgresql11-plpython-11.13-1.3.x86_64",
"product_id": "postgresql11-plpython-11.13-1.3.x86_64"
}
},
{
"category": "product_version",
"name": "postgresql11-pltcl-11.13-1.3.x86_64",
"product": {
"name": "postgresql11-pltcl-11.13-1.3.x86_64",
"product_id": "postgresql11-pltcl-11.13-1.3.x86_64"
}
},
{
"category": "product_version",
"name": "postgresql11-server-11.13-1.3.x86_64",
"product": {
"name": "postgresql11-server-11.13-1.3.x86_64",
"product_id": "postgresql11-server-11.13-1.3.x86_64"
}
},
{
"category": "product_version",
"name": "postgresql11-server-devel-11.13-1.3.x86_64",
"product": {
"name": "postgresql11-server-devel-11.13-1.3.x86_64",
"product_id": "postgresql11-server-devel-11.13-1.3.x86_64"
}
},
{
"category": "product_version",
"name": "postgresql11-test-11.13-1.3.x86_64",
"product": {
"name": "postgresql11-test-11.13-1.3.x86_64",
"product_id": "postgresql11-test-11.13-1.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-11.13-1.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64"
},
"product_reference": "postgresql11-11.13-1.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-11.13-1.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le"
},
"product_reference": "postgresql11-11.13-1.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-11.13-1.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x"
},
"product_reference": "postgresql11-11.13-1.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-11.13-1.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64"
},
"product_reference": "postgresql11-11.13-1.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-contrib-11.13-1.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64"
},
"product_reference": "postgresql11-contrib-11.13-1.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-contrib-11.13-1.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le"
},
"product_reference": "postgresql11-contrib-11.13-1.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-contrib-11.13-1.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x"
},
"product_reference": "postgresql11-contrib-11.13-1.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-contrib-11.13-1.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64"
},
"product_reference": "postgresql11-contrib-11.13-1.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-devel-11.13-1.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64"
},
"product_reference": "postgresql11-devel-11.13-1.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-devel-11.13-1.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le"
},
"product_reference": "postgresql11-devel-11.13-1.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-devel-11.13-1.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x"
},
"product_reference": "postgresql11-devel-11.13-1.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-devel-11.13-1.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64"
},
"product_reference": "postgresql11-devel-11.13-1.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-docs-11.13-1.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64"
},
"product_reference": "postgresql11-docs-11.13-1.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-docs-11.13-1.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le"
},
"product_reference": "postgresql11-docs-11.13-1.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-docs-11.13-1.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x"
},
"product_reference": "postgresql11-docs-11.13-1.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-docs-11.13-1.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64"
},
"product_reference": "postgresql11-docs-11.13-1.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-llvmjit-11.13-1.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64"
},
"product_reference": "postgresql11-llvmjit-11.13-1.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-llvmjit-11.13-1.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le"
},
"product_reference": "postgresql11-llvmjit-11.13-1.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-llvmjit-11.13-1.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x"
},
"product_reference": "postgresql11-llvmjit-11.13-1.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-llvmjit-11.13-1.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64"
},
"product_reference": "postgresql11-llvmjit-11.13-1.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-plperl-11.13-1.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64"
},
"product_reference": "postgresql11-plperl-11.13-1.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-plperl-11.13-1.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le"
},
"product_reference": "postgresql11-plperl-11.13-1.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-plperl-11.13-1.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x"
},
"product_reference": "postgresql11-plperl-11.13-1.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-plperl-11.13-1.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64"
},
"product_reference": "postgresql11-plperl-11.13-1.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-plpython-11.13-1.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64"
},
"product_reference": "postgresql11-plpython-11.13-1.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-plpython-11.13-1.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le"
},
"product_reference": "postgresql11-plpython-11.13-1.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-plpython-11.13-1.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x"
},
"product_reference": "postgresql11-plpython-11.13-1.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-plpython-11.13-1.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64"
},
"product_reference": "postgresql11-plpython-11.13-1.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-pltcl-11.13-1.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64"
},
"product_reference": "postgresql11-pltcl-11.13-1.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-pltcl-11.13-1.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le"
},
"product_reference": "postgresql11-pltcl-11.13-1.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-pltcl-11.13-1.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x"
},
"product_reference": "postgresql11-pltcl-11.13-1.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-pltcl-11.13-1.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64"
},
"product_reference": "postgresql11-pltcl-11.13-1.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-server-11.13-1.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64"
},
"product_reference": "postgresql11-server-11.13-1.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-server-11.13-1.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le"
},
"product_reference": "postgresql11-server-11.13-1.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-server-11.13-1.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x"
},
"product_reference": "postgresql11-server-11.13-1.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-server-11.13-1.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64"
},
"product_reference": "postgresql11-server-11.13-1.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-server-devel-11.13-1.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64"
},
"product_reference": "postgresql11-server-devel-11.13-1.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-server-devel-11.13-1.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le"
},
"product_reference": "postgresql11-server-devel-11.13-1.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-server-devel-11.13-1.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x"
},
"product_reference": "postgresql11-server-devel-11.13-1.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-server-devel-11.13-1.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64"
},
"product_reference": "postgresql11-server-devel-11.13-1.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-test-11.13-1.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64"
},
"product_reference": "postgresql11-test-11.13-1.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-test-11.13-1.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le"
},
"product_reference": "postgresql11-test-11.13-1.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-test-11.13-1.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x"
},
"product_reference": "postgresql11-test-11.13-1.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql11-test-11.13-1.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
},
"product_reference": "postgresql11-test-11.13-1.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-10925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10925"
}
],
"notes": [
{
"category": "general",
"text": "It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed to properly check authorization on certain statements involved with \"INSERT ... ON CONFLICT DO UPDATE\". An attacker with \"CREATE TABLE\" privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain \"INSERT\" and limited \"UPDATE\" privileges to a particular table, they could exploit this to update other columns in the same table.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10925",
"url": "https://www.suse.com/security/cve/CVE-2018-10925"
},
{
"category": "external",
"summary": "SUSE Bug 1104202 for CVE-2018-10925",
"url": "https://bugzilla.suse.com/1104202"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2018-10925"
},
{
"cve": "CVE-2018-16850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16850"
}
],
"notes": [
{
"category": "general",
"text": "postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16850",
"url": "https://www.suse.com/security/cve/CVE-2018-16850"
},
{
"category": "external",
"summary": "SUSE Bug 1114837 for CVE-2018-16850",
"url": "https://bugzilla.suse.com/1114837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2018-16850"
},
{
"cve": "CVE-2019-10129",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10129"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploit prerequisites are the same as for CVE-2018-1052).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10129",
"url": "https://www.suse.com/security/cve/CVE-2019-10129"
},
{
"category": "external",
"summary": "SUSE Bug 1134684 for CVE-2019-10129",
"url": "https://bugzilla.suse.com/1134684"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-10129"
},
{
"cve": "CVE-2019-10130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10130"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in PostgreSQL versions 11.x up to excluding 11.3, 10.x up to excluding 10.8, 9.6.x up to, excluding 9.6.13, 9.5.x up to, excluding 9.5.17. PostgreSQL maintains column statistics for tables. Certain statistics, such as histograms and lists of most common values, contain values taken from the column. PostgreSQL does not evaluate row security policies before consulting those statistics during query planning; an attacker can exploit this to read the most common values of certain columns. Affected columns are those for which the attacker has SELECT privilege and for which, in an ordinary query, row-level security prunes the set of rows visible to the attacker.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10130",
"url": "https://www.suse.com/security/cve/CVE-2019-10130"
},
{
"category": "external",
"summary": "SUSE Bug 1134689 for CVE-2019-10130",
"url": "https://bugzilla.suse.com/1134689"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-10130"
},
{
"cve": "CVE-2019-10164",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10164"
}
],
"notes": [
{
"category": "general",
"text": "PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user\u0027s own password to a purpose-crafted value. This often suffices to execute arbitrary code as the PostgreSQL operating system account.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10164",
"url": "https://www.suse.com/security/cve/CVE-2019-10164"
},
{
"category": "external",
"summary": "SUSE Bug 1138034 for CVE-2019-10164",
"url": "https://bugzilla.suse.com/1138034"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2019-10164"
},
{
"cve": "CVE-2019-10208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10208"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5.x before 9.5.19, 9.6.x before 9.6.15, 10.x before 10.10 and 11.x before 11.5 where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE permission on the function, can execute arbitrary SQL as the owner of the function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10208",
"url": "https://www.suse.com/security/cve/CVE-2019-10208"
},
{
"category": "external",
"summary": "SUSE Bug 1145092 for CVE-2019-10208",
"url": "https://bugzilla.suse.com/1145092"
},
{
"category": "external",
"summary": "SUSE Bug 1171566 for CVE-2019-10208",
"url": "https://bugzilla.suse.com/1171566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2019-10208"
},
{
"cve": "CVE-2019-10209",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10209"
}
],
"notes": [
{
"category": "general",
"text": "Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10209",
"url": "https://www.suse.com/security/cve/CVE-2019-10209"
},
{
"category": "external",
"summary": "SUSE Bug 1145091 for CVE-2019-10209",
"url": "https://bugzilla.suse.com/1145091"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.2,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2019-10209"
},
{
"cve": "CVE-2020-14349",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-14349"
}
],
"notes": [
{
"category": "general",
"text": "It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058, in order to execute arbitrary SQL command in the context of the user used for replication.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-14349",
"url": "https://www.suse.com/security/cve/CVE-2020-14349"
},
{
"category": "external",
"summary": "SUSE Bug 1175193 for CVE-2020-14349",
"url": "https://bugzilla.suse.com/1175193"
},
{
"category": "external",
"summary": "SUSE Bug 1176151 for CVE-2020-14349",
"url": "https://bugzilla.suse.com/1176151"
},
{
"category": "external",
"summary": "SUSE Bug 1179499 for CVE-2020-14349",
"url": "https://bugzilla.suse.com/1179499"
},
{
"category": "external",
"summary": "SUSE Bug 1179870 for CVE-2020-14349",
"url": "https://bugzilla.suse.com/1179870"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-14349"
},
{
"cve": "CVE-2020-14350",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-14350"
}
],
"notes": [
{
"category": "general",
"text": "It was found that some PostgreSQL extensions did not use search_path safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into executing a specially crafted script, during the installation or update of such extension. This affects PostgreSQL versions before 12.4, before 11.9, before 10.14, before 9.6.19, and before 9.5.23.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-14350",
"url": "https://www.suse.com/security/cve/CVE-2020-14350"
},
{
"category": "external",
"summary": "SUSE Bug 1175194 for CVE-2020-14350",
"url": "https://bugzilla.suse.com/1175194"
},
{
"category": "external",
"summary": "SUSE Bug 1176151 for CVE-2020-14350",
"url": "https://bugzilla.suse.com/1176151"
},
{
"category": "external",
"summary": "SUSE Bug 1179115 for CVE-2020-14350",
"url": "https://bugzilla.suse.com/1179115"
},
{
"category": "external",
"summary": "SUSE Bug 1179499 for CVE-2020-14350",
"url": "https://bugzilla.suse.com/1179499"
},
{
"category": "external",
"summary": "SUSE Bug 1179870 for CVE-2020-14350",
"url": "https://bugzilla.suse.com/1179870"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-14350"
},
{
"cve": "CVE-2020-1720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-1720"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in PostgreSQL\u0027s \"ALTER ... DEPENDS ON EXTENSION\", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function, triggers, et al., leading to database corruption. This issue affects PostgreSQL versions before 12.2, before 11.7, before 10.12 and before 9.6.17.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-1720",
"url": "https://www.suse.com/security/cve/CVE-2020-1720"
},
{
"category": "external",
"summary": "SUSE Bug 1163985 for CVE-2020-1720",
"url": "https://bugzilla.suse.com/1163985"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-1720"
},
{
"cve": "CVE-2020-25694",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25694"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters, an opportunity for a man-in-the-middle attack, or the ability to observe clear-text transmissions, could exist. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25694",
"url": "https://www.suse.com/security/cve/CVE-2020-25694"
},
{
"category": "external",
"summary": "SUSE Bug 1178667 for CVE-2020-25694",
"url": "https://bugzilla.suse.com/1178667"
},
{
"category": "external",
"summary": "SUSE Bug 1179870 for CVE-2020-25694",
"url": "https://bugzilla.suse.com/1179870"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-25694"
},
{
"cve": "CVE-2020-25695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25695"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25695",
"url": "https://www.suse.com/security/cve/CVE-2020-25695"
},
{
"category": "external",
"summary": "SUSE Bug 1178666 for CVE-2020-25695",
"url": "https://bugzilla.suse.com/1178666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-25695"
},
{
"cve": "CVE-2020-25696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25696"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If an interactive psql session uses \\gset when querying a compromised server, the attacker can execute arbitrary code as the operating system account running psql. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25696",
"url": "https://www.suse.com/security/cve/CVE-2020-25696"
},
{
"category": "external",
"summary": "SUSE Bug 1178668 for CVE-2020-25696",
"url": "https://bugzilla.suse.com/1178668"
},
{
"category": "external",
"summary": "SUSE Bug 1179870 for CVE-2020-25696",
"url": "https://bugzilla.suse.com/1179870"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-25696"
},
{
"cve": "CVE-2021-32027",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32027"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32027",
"url": "https://www.suse.com/security/cve/CVE-2021-32027"
},
{
"category": "external",
"summary": "SUSE Bug 1185924 for CVE-2021-32027",
"url": "https://bugzilla.suse.com/1185924"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-32027"
},
{
"cve": "CVE-2021-32028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32028"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32028",
"url": "https://www.suse.com/security/cve/CVE-2021-32028"
},
{
"category": "external",
"summary": "SUSE Bug 1185925 for CVE-2021-32028",
"url": "https://bugzilla.suse.com/1185925"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-32028"
},
{
"cve": "CVE-2021-32029",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32029"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in postgresql. Using an UPDATE ... RETURNING command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32029",
"url": "https://www.suse.com/security/cve/CVE-2021-32029"
},
{
"category": "external",
"summary": "SUSE Bug 1185926 for CVE-2021-32029",
"url": "https://bugzilla.suse.com/1185926"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-32029"
},
{
"cve": "CVE-2021-3393",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3393"
}
],
"notes": [
{
"category": "general",
"text": "An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. A user having UPDATE permission but not SELECT permission to a particular column could craft queries which, under some circumstances, might disclose values from that column in error messages. An attacker could use this flaw to obtain information stored in a column they are allowed to write but not read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3393",
"url": "https://www.suse.com/security/cve/CVE-2021-3393"
},
{
"category": "external",
"summary": "SUSE Bug 1182040 for CVE-2021-3393",
"url": "https://bugzilla.suse.com/1182040"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2021-3393"
},
{
"cve": "CVE-2021-3677",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3677"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include max_worker_processes=0, the known versions of this attack are infeasible. However, undiscovered variants of the attack may be independent of that setting.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3677",
"url": "https://www.suse.com/security/cve/CVE-2021-3677"
},
{
"category": "external",
"summary": "SUSE Bug 1189748 for CVE-2021-3677",
"url": "https://bugzilla.suse.com/1189748"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
"openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-3677"
}
]
}
gsd-2019-10209
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-10209",
"description": "Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan.",
"id": "GSD-2019-10209",
"references": [
"https://www.suse.com/security/cve/CVE-2019-10209.html",
"https://www.debian.org/security/2019/dsa-4493",
"https://ubuntu.com/security/CVE-2019-10209",
"https://advisories.mageia.org/CVE-2019-10209.html",
"https://security.archlinux.org/CVE-2019-10209"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-10209"
],
"details": "Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan.",
"id": "GSD-2019-10209",
"modified": "2023-12-13T01:23:57.793861Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2019-10209",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "postgresql",
"version": {
"version_data": [
{
"version_value": "all 11.x before 11.5"
}
]
}
}
]
},
"vendor_name": "PostgreSQL"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "3.1/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10209",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10209"
},
{
"name": "https://www.postgresql.org/about/news/1960/",
"refsource": "CONFIRM",
"url": "https://www.postgresql.org/about/news/1960/"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.5",
"versionStartIncluding": "11.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2019-10209"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.postgresql.org/about/news/1960/",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://www.postgresql.org/about/news/1960/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10209",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10209"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.2,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 1.4
}
},
"lastModifiedDate": "2020-10-01T16:53Z",
"publishedDate": "2019-10-29T19:15Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…