CVE-2019-10129 (GCVE-0-2019-10129)

Vulnerability from cvelistv5

Published

2019-07-30 16:10

Modified

2024-08-04 22:10

Severity ?

6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-125

Summary

References

URL	Tags
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10129	Issue Tracking, Third Party Advisory
secalert@redhat.com	https://security.gentoo.org/glsa/202003-03	Third Party Advisory
secalert@redhat.com	https://www.postgresql.org/about/news/1939/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10129	Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/202003-03	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.postgresql.org/about/news/1939/	Vendor Advisory

Impacted products

	Vendor	Product	Version
	PostgreSQL Project	postgresql	Version: 11.x prior to 11.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:10:09.985Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-202003-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202003-03"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10129"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.postgresql.org/about/news/1939/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "postgresql",
          "vendor": "PostgreSQL Project",
          "versions": [
            {
              "status": "affected",
              "version": "11.x prior to 11.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploit prerequisites are the same as for CVE-2018-1052)."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-04T18:00:58",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "GLSA-202003-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202003-03"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10129"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.postgresql.org/about/news/1939/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2019-10129",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "postgresql",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "11.x prior to 11.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "PostgreSQL Project"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploit prerequisites are the same as for CVE-2018-1052)."
            }
          ]
        },
        "impact": {
          "cvss": [
            [
              {
                "vectorString": "6.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ]
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-125"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-202003-03",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202003-03"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10129",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10129"
            },
            {
              "name": "https://www.postgresql.org/about/news/1939/",
              "refsource": "MISC",
              "url": "https://www.postgresql.org/about/news/1939/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2019-10129",
    "datePublished": "2019-07-30T16:10:04",
    "dateReserved": "2019-03-27T00:00:00",
    "dateUpdated": "2024-08-04T22:10:09.985Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-10129\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2019-07-30T17:15:12.263\",\"lastModified\":\"2024-11-21T04:18:28.557\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploit prerequisites are the same as for CVE-2018-1052).\"},{\"lang\":\"es\",\"value\":\"Se detect\u00f3 una vulnerabilidad en postgresql versiones 11.x anteriores a 11.3. Usando una inserci\u00f3n especialmente dise\u00f1ada espec\u00edficamente para una tabla particionada, un atacante puede leer bytes arbitrarios desde la memoria del servidor. En la configuraci\u00f3n por defecto, cualquier usuario puede crear una tabla particionada adecuada para este ataque. (Los requisitos previos de est\u00e1 explotaci\u00f3n son los mismos que para el CVE-2018-1052).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV30\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:N/A:N\",\"baseScore\":4.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0\",\"versionEndExcluding\":\"11.3\",\"matchCriteriaId\":\"588922E6-6F1E-4219-ADB3-F9E8696E03F8\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10129\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202003-03\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.postgresql.org/about/news/1939/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10129\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202003-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.postgresql.org/about/news/1939/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

gsd-2019-10129

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

Aliases

CVE-2019-10129

Aliases

CVE-2019-10129

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-10129",
    "description": "A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploit prerequisites are the same as for CVE-2018-1052).",
    "id": "GSD-2019-10129",
    "references": [
      "https://www.suse.com/security/cve/CVE-2019-10129.html",
      "https://ubuntu.com/security/CVE-2019-10129",
      "https://advisories.mageia.org/CVE-2019-10129.html",
      "https://linux.oracle.com/cve/CVE-2019-10129.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-10129"
      ],
      "details": "A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploit prerequisites are the same as for CVE-2018-1052).",
      "id": "GSD-2019-10129",
      "modified": "2023-12-13T01:23:59.643657Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2019-10129",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "postgresql",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "11.x prior to 11.3"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "PostgreSQL Project"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploit prerequisites are the same as for CVE-2018-1052)."
          }
        ]
      },
      "impact": {
        "cvss": [
          [
            {
              "vectorString": "6.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
              "version": "3.0"
            }
          ]
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-125"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "GLSA-202003-03",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/202003-03"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10129",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10129"
          },
          {
            "name": "https://www.postgresql.org/about/news/1939/",
            "refsource": "MISC",
            "url": "https://www.postgresql.org/about/news/1939/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "11.3",
                "versionStartIncluding": "11.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2019-10129"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploit prerequisites are the same as for CVE-2018-1052)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-125"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10129",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking",
                "Third Party Advisory"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10129"
            },
            {
              "name": "https://www.postgresql.org/about/news/1939/",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.postgresql.org/about/news/1939/"
            },
            {
              "name": "GLSA-202003-03",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202003-03"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2023-02-03T14:26Z",
      "publishedDate": "2019-07-30T17:15Z"
    }
  }
}

cnvd-2019-16482

Vulnerability from cnvd

Title: PostgreSQL内存泄露漏洞（CNVD-2019-16482）

Description:

PostgreSQL是PostgreSQL组织的一套自由的对象关系型数据库管理系统。该系统支持大部分SQL标准并且提供了许多其他特性，例如外键、触发器、视图等。

PostgreSQL中存在安全漏洞。攻击者可通过执行特制的INSERT声明利用该漏洞读取服务器内存。

Severity: 中

Patch Name: PostgreSQL内存泄露漏洞（CNVD-2019-16482）的补丁

Patch Description:

PostgreSQL是PostgreSQL组织的一套自由的对象关系型数据库管理系统。该系统支持大部分SQL标准并且提供了许多其他特性，例如外键、触发器、视图等。

PostgreSQL中存在安全漏洞。攻击者可通过执行特制的INSERT声明利用该漏洞读取服务器内存。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://www.postgresql.org/about/news/1939/

Reference: https://www.postgresql.org/about/news/1939/

Impacted products

Name
PostgreSQL Postgresql

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-10129"
    }
  },
  "description": "PostgreSQL\u662fPostgreSQL\u7ec4\u7ec7\u7684\u4e00\u5957\u81ea\u7531\u7684\u5bf9\u8c61\u5173\u7cfb\u578b\u6570\u636e\u5e93\u7ba1\u7406\u7cfb\u7edf\u3002\u8be5\u7cfb\u7edf\u652f\u6301\u5927\u90e8\u5206SQL\u6807\u51c6\u5e76\u4e14\u63d0\u4f9b\u4e86\u8bb8\u591a\u5176\u4ed6\u7279\u6027\uff0c\u4f8b\u5982\u5916\u952e\u3001\u89e6\u53d1\u5668\u3001\u89c6\u56fe\u7b49\u3002\n\nPostgreSQL\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u6267\u884c\u7279\u5236\u7684INSERT\u58f0\u660e\u5229\u7528\u8be5\u6f0f\u6d1e\u8bfb\u53d6\u670d\u52a1\u5668\u5185\u5b58\u3002",
  "discovererName": "unknwon",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://www.postgresql.org/about/news/1939/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-16482",
  "openTime": "2019-06-04",
  "patchDescription": "PostgreSQL\u662fPostgreSQL\u7ec4\u7ec7\u7684\u4e00\u5957\u81ea\u7531\u7684\u5bf9\u8c61\u5173\u7cfb\u578b\u6570\u636e\u5e93\u7ba1\u7406\u7cfb\u7edf\u3002\u8be5\u7cfb\u7edf\u652f\u6301\u5927\u90e8\u5206SQL\u6807\u51c6\u5e76\u4e14\u63d0\u4f9b\u4e86\u8bb8\u591a\u5176\u4ed6\u7279\u6027\uff0c\u4f8b\u5982\u5916\u952e\u3001\u89e6\u53d1\u5668\u3001\u89c6\u56fe\u7b49\u3002\r\n\r\nPostgreSQL\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u6267\u884c\u7279\u5236\u7684INSERT\u58f0\u660e\u5229\u7528\u8be5\u6f0f\u6d1e\u8bfb\u53d6\u670d\u52a1\u5668\u5185\u5b58\u3002 \u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "PostgreSQL\u5185\u5b58\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2019-16482\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "PostgreSQL Postgresql"
  },
  "referenceLink": "https://www.postgresql.org/about/news/1939/",
  "serverity": "\u4e2d",
  "submitTime": "2019-05-14",
  "title": "PostgreSQL\u5185\u5b58\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2019-16482\uff09"
}

fkie_cve-2019-10129

Vulnerability from fkie_nvd

Published

2019-07-30 17:15

Modified

2024-11-21 04:18

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

References

URL	Tags
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10129	Issue Tracking, Third Party Advisory
secalert@redhat.com	https://security.gentoo.org/glsa/202003-03	Third Party Advisory
secalert@redhat.com	https://www.postgresql.org/about/news/1939/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10129	Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/202003-03	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.postgresql.org/about/news/1939/	Vendor Advisory

Impacted products

	Vendor	Product	Version
	postgresql	postgresql	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "588922E6-6F1E-4219-ADB3-F9E8696E03F8",
              "versionEndExcluding": "11.3",
              "versionStartIncluding": "11.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploit prerequisites are the same as for CVE-2018-1052)."
    },
    {
      "lang": "es",
      "value": "Se detect\u00f3 una vulnerabilidad en postgresql versiones 11.x anteriores a 11.3. Usando una inserci\u00f3n especialmente dise\u00f1ada espec\u00edficamente para una tabla particionada, un atacante puede leer bytes arbitrarios desde la memoria del servidor. En la configuraci\u00f3n por defecto, cualquier usuario puede crear una tabla particionada adecuada para este ataque. (Los requisitos previos de est\u00e1 explotaci\u00f3n son los mismos que para el CVE-2018-1052)."
    }
  ],
  "id": "CVE-2019-10129",
  "lastModified": "2024-11-21T04:18:28.557",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "secalert@redhat.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-07-30T17:15:12.263",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10129"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202003-03"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.postgresql.org/about/news/1939/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10129"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202003-03"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.postgresql.org/about/news/1939/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploit prerequisites are the same as for CVE-2018-1052). postgresql Contains an information disclosure vulnerability.Information may be obtained. PostgreSQL is a set of free object relational database management system organized by PostgreSQL. The system supports most SQL standards and provides many other features, such as foreign keys, triggers, views, and more. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202003-03

                                       https://security.gentoo.org/

Severity: Normal Title: PostgreSQL: Multiple vulnerabilities Date: March 12, 2020 Bugs: #685846, #688420, #709708 ID: 202003-03

Synopsis

Multiple vulnerabilities have been found in PostgreSQL, the worst of which could result in the execution of arbitrary code.

Affected packages

-------------------------------------------------------------------
 Package              /     Vulnerable     /            Unaffected
-------------------------------------------------------------------

1 dev-db/postgresql < 9.4.26:9.4 >= 9.4.26:9.4 < 9.5.21:9.5 >= 9.5.21:9.5 < 9.6.17:9.6 >= 9.6.17:9.6 < 10.12:10 >= 10.12:10 < 11.7:11 >= 11.7:11 < 12.2:12 >= 12.2:12

Description

Multiple vulnerabilities have been discovered in PostgreSQL. Please review the CVE identifiers referenced below for details.

Impact

A remote attacker could possibly execute arbitrary code with the privileges of the process, bypass certain client-side connection security features, read arbitrary server memory, alter certain data or cause a Denial of Service condition.

Workaround

There is no known workaround at this time.

Resolution

All PostgreSQL 9.4.x users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.4.26:9.4"

All PostgreSQL 9.5.x users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.5.21:9.5"

All PostgreSQL 9.6.x users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.6.17:9.6"

All PostgreSQL 10.x users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/postgresql-10.12:10"

All PostgreSQL 11.x users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/postgresql-11.7:11"

All PostgreSQL 12.x users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/postgresql-12.2:12"

References

[ 1 ] CVE-2019-10129 https://nvd.nist.gov/vuln/detail/CVE-2019-10129 [ 2 ] CVE-2019-10130 https://nvd.nist.gov/vuln/detail/CVE-2019-10130 [ 3 ] CVE-2019-10164 https://nvd.nist.gov/vuln/detail/CVE-2019-10164 [ 4 ] CVE-2020-1720 https://nvd.nist.gov/vuln/detail/CVE-2020-1720

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/202003-03

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5 . ========================================================================== Ubuntu Security Notice USN-3972-1 May 13, 2019

postgresql-10, postgresql-11, postgresql-9.5 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

Ubuntu 19.04
Ubuntu 18.10
Ubuntu 18.04 LTS
Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in PostgreSQL. This issue only affected Ubuntu 19.04. (CVE-2019-10129)

Dean Rasheed discovered that PostgreSQL incorrectly handled selectivity estimators. A remote attacker could possibly use this issue to bypass row security policies. (CVE-2019-10130)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04: postgresql-11 11.3-0ubuntu0.19.04.1

Ubuntu 18.10: postgresql-10 10.8-0ubuntu0.18.10.1

Ubuntu 18.04 LTS: postgresql-10 10.8-0ubuntu0.18.04.1

Ubuntu 16.04 LTS: postgresql-9.5 9.5.17-0ubuntu0.16.04.1

This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart PostgreSQL to make all the necessary changes.

References: https://usn.ubuntu.com/usn/usn-3972-1 CVE-2019-10129, CVE-2019-10130

Package Information: https://launchpad.net/ubuntu/+source/postgresql-11/11.3-0ubuntu0.19.04.1 https://launchpad.net/ubuntu/+source/postgresql-10/10.8-0ubuntu0.18.10.1 https://launchpad.net/ubuntu/+source/postgresql-10/10.8-0ubuntu0.18.04.1 https://launchpad.net/ubuntu/+source/postgresql-9.5/9.5.17-0ubuntu0.16.04.1

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201907-1315",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "postgresql",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "postgresql",
        "version": "11.3"
      },
      {
        "model": "postgresql",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "postgresql",
        "version": "11.0"
      },
      {
        "model": "postgresql",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "postgresql",
        "version": "11.x"
      },
      {
        "model": "postgresql",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "postgresql",
        "version": "11.3"
      },
      {
        "model": "postgresql",
        "scope": null,
        "trust": 0.6,
        "vendor": "postgresql",
        "version": null
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "19.04"
      },
      {
        "model": "postgresql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "postgresql",
        "version": "11.2"
      },
      {
        "model": "postgresql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "postgresql",
        "version": "11.1"
      },
      {
        "model": "postgresql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "postgresql",
        "version": "11"
      },
      {
        "model": "postgresql",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "postgresql",
        "version": "11.3"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-16482"
      },
      {
        "db": "BID",
        "id": "108506"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007133"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10129"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:postgresql:postgresql",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007133"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ubuntu,Noah Misch and the PostgreSQL Project.,Gentoo",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-333"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-10129",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CVE-2019-10129",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2019-16482",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "secalert@redhat.com",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2019-10129",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2019-10129",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-10129",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "secalert@redhat.com",
            "id": "CVE-2019-10129",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2019-10129",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-16482",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201905-333",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2019-10129",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-16482"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10129"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007133"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-333"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10129"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10129"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploit prerequisites are the same as for CVE-2018-1052). postgresql Contains an information disclosure vulnerability.Information may be obtained. PostgreSQL is a set of free object relational database management system organized by PostgreSQL. The system supports most SQL standards and provides many other features, such as foreign keys, triggers, views, and more. \nSuccessful exploits will allow attackers to obtain sensitive information that may aid in further attacks. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 202003-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                           https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: PostgreSQL: Multiple vulnerabilities\n     Date: March 12, 2020\n     Bugs: #685846, #688420, #709708\n       ID: 202003-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in PostgreSQL, the worst of\nwhich could result in the execution of arbitrary code. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  dev-db/postgresql          \u003c 9.4.26:9.4            \u003e= 9.4.26:9.4\n                                \u003c 9.5.21:9.5            \u003e= 9.5.21:9.5\n                                \u003c 9.6.17:9.6            \u003e= 9.6.17:9.6\n                                 \u003c 10.12:10               \u003e= 10.12:10\n                                 \u003c 11.7:11                 \u003e= 11.7:11\n                                 \u003c 12.2:12                 \u003e= 12.2:12\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in PostgreSQL. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could possibly execute arbitrary code with the\nprivileges of the process, bypass certain client-side connection\nsecurity features, read arbitrary server memory, alter certain data or\ncause a Denial of Service condition. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll PostgreSQL 9.4.x users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=dev-db/postgresql-9.4.26:9.4\"\n\nAll PostgreSQL 9.5.x users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=dev-db/postgresql-9.5.21:9.5\"\n\nAll PostgreSQL 9.6.x users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=dev-db/postgresql-9.6.17:9.6\"\n\nAll PostgreSQL 10.x users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=dev-db/postgresql-10.12:10\"\n\nAll PostgreSQL 11.x users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=dev-db/postgresql-11.7:11\"\n\nAll PostgreSQL 12.x users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=dev-db/postgresql-12.2:12\"\n\nReferences\n==========\n\n[ 1 ] CVE-2019-10129\n      https://nvd.nist.gov/vuln/detail/CVE-2019-10129\n[ 2 ] CVE-2019-10130\n      https://nvd.nist.gov/vuln/detail/CVE-2019-10130\n[ 3 ] CVE-2019-10164\n      https://nvd.nist.gov/vuln/detail/CVE-2019-10164\n[ 4 ] CVE-2020-1720\n      https://nvd.nist.gov/vuln/detail/CVE-2020-1720\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202003-03\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2020 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n. ==========================================================================\nUbuntu Security Notice USN-3972-1\nMay 13, 2019\n\npostgresql-10, postgresql-11, postgresql-9.5 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 19.04\n- Ubuntu 18.10\n- Ubuntu 18.04 LTS\n- Ubuntu 16.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in PostgreSQL. This issue only affected Ubuntu 19.04. (CVE-2019-10129)\n\nDean Rasheed discovered that PostgreSQL incorrectly handled selectivity\nestimators. A remote attacker could possibly use this issue to bypass row\nsecurity policies. (CVE-2019-10130)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 19.04:\n  postgresql-11                   11.3-0ubuntu0.19.04.1\n\nUbuntu 18.10:\n  postgresql-10                   10.8-0ubuntu0.18.10.1\n\nUbuntu 18.04 LTS:\n  postgresql-10                   10.8-0ubuntu0.18.04.1\n\nUbuntu 16.04 LTS:\n  postgresql-9.5                  9.5.17-0ubuntu0.16.04.1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. After a standard system update you need to restart PostgreSQL to\nmake all the necessary changes. \n\nReferences:\n  https://usn.ubuntu.com/usn/usn-3972-1\n  CVE-2019-10129, CVE-2019-10130\n\nPackage Information:\n  https://launchpad.net/ubuntu/+source/postgresql-11/11.3-0ubuntu0.19.04.1\n  https://launchpad.net/ubuntu/+source/postgresql-10/10.8-0ubuntu0.18.10.1\n  https://launchpad.net/ubuntu/+source/postgresql-10/10.8-0ubuntu0.18.04.1\n  https://launchpad.net/ubuntu/+source/postgresql-9.5/9.5.17-0ubuntu0.16.04.1\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-10129"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007133"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-16482"
      },
      {
        "db": "BID",
        "id": "108506"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10129"
      },
      {
        "db": "PACKETSTORM",
        "id": "156711"
      },
      {
        "db": "PACKETSTORM",
        "id": "152824"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-10129",
        "trust": 3.6
      },
      {
        "db": "BID",
        "id": "108506",
        "trust": 0.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007133",
        "trust": 0.8
      },
      {
        "db": "PACKETSTORM",
        "id": "156711",
        "trust": 0.7
      },
      {
        "db": "PACKETSTORM",
        "id": "152824",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-16482",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.1681",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.1668",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-333",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10129",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-16482"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10129"
      },
      {
        "db": "BID",
        "id": "108506"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007133"
      },
      {
        "db": "PACKETSTORM",
        "id": "156711"
      },
      {
        "db": "PACKETSTORM",
        "id": "152824"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-333"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10129"
      }
    ]
  },
  "id": "VAR-201907-1315",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-16482"
      }
    ],
    "trust": 0.06
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-16482"
      }
    ]
  },
  "last_update_date": "2024-11-23T19:39:50.534000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "PostgreSQL 11.3, 10.8, 9.6.13, 9.5.17, and 9.4.22 Released!",
        "trust": 0.8,
        "url": "https://www.postgresql.org/about/news/1939/"
      },
      {
        "title": "Patch for PostgreSQL Memory Leak Vulnerability (CNVD-2019-16482)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/162925"
      },
      {
        "title": "PostgreSQL Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92497"
      },
      {
        "title": "Ubuntu Security Notice: postgresql-10, postgresql-11, postgresql-9.5 vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3972-1"
      },
      {
        "title": "PostgreSQL CVE: CVE-2019-10129",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=postgresql_cve\u0026qid=43abd0671e28c0d36ed09da2aa374848"
      },
      {
        "title": "PostgreSQL Security Announcements: PostgreSQL 11.3, 10.8, 9.6.13, 9.5.17, and 9.4.22 Released!",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=postgresql_security_announcements\u0026qid=c32b14b98b9f434476d955dd6620c592"
      },
      {
        "title": "PostgreSQL Security Announcements: PostgreSQL 11.3, 10.8, 9.6.13, 9.5.17, and 9.4.22 Released!",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=postgresql_security_announcements\u0026qid=277a6808e8230bde486f1f85b16bfac2"
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/Live-Hack-CVE/CVE-2019-10129 "
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-16482"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10129"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007133"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-333"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-125",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-200",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007133"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10129"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.2,
        "url": "https://www.postgresql.org/about/news/1939/"
      },
      {
        "trust": 1.8,
        "url": "https://security.gentoo.org/glsa/202003-03"
      },
      {
        "trust": 1.7,
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=cve-2019-10129"
      },
      {
        "trust": 1.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10129"
      },
      {
        "trust": 0.9,
        "url": "https://www.postgresql.org/docs/11/release-11-3.html"
      },
      {
        "trust": 0.9,
        "url": "https://usn.ubuntu.com/3972-1"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10129"
      },
      {
        "trust": 0.7,
        "url": "https://usn.ubuntu.com/3972-1/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/80718"
      },
      {
        "trust": 0.6,
        "url": "https://www.securityfocus.com/bid/108506"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/80770"
      },
      {
        "trust": 0.6,
        "url": "https://www.ibm.com/blogs/psirt/security-bulletin-postgresql-vulnerabilities-in-ibm-robotic-process-automation-with-automation-anywhere/"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/152824/ubuntu-security-notice-usn-3972-1.html"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/156711/gentoo-linux-security-advisory-202003-03.html"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10130"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/125.html"
      },
      {
        "trust": 0.1,
        "url": "https://tools.cisco.com/security/center/viewalert.x?alertid=60168"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.postgresql.org/support/security/cve-2019-10129/"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.gentoo.org."
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1720"
      },
      {
        "trust": 0.1,
        "url": "https://creativecommons.org/licenses/by-sa/2.5"
      },
      {
        "trust": 0.1,
        "url": "https://security.gentoo.org/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10164"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/usn/usn-3972-1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/postgresql-10/10.8-0ubuntu0.18.10.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/postgresql-11/11.3-0ubuntu0.19.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/postgresql-10/10.8-0ubuntu0.18.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/postgresql-9.5/9.5.17-0ubuntu0.16.04.1"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-16482"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10129"
      },
      {
        "db": "BID",
        "id": "108506"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007133"
      },
      {
        "db": "PACKETSTORM",
        "id": "156711"
      },
      {
        "db": "PACKETSTORM",
        "id": "152824"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-333"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10129"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-16482"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10129"
      },
      {
        "db": "BID",
        "id": "108506"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007133"
      },
      {
        "db": "PACKETSTORM",
        "id": "156711"
      },
      {
        "db": "PACKETSTORM",
        "id": "152824"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-333"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10129"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-06-04T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-16482"
      },
      {
        "date": "2019-07-30T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-10129"
      },
      {
        "date": "2019-05-09T00:00:00",
        "db": "BID",
        "id": "108506"
      },
      {
        "date": "2019-08-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-007133"
      },
      {
        "date": "2020-03-13T14:56:18",
        "db": "PACKETSTORM",
        "id": "156711"
      },
      {
        "date": "2019-05-13T15:14:37",
        "db": "PACKETSTORM",
        "id": "152824"
      },
      {
        "date": "2019-05-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-333"
      },
      {
        "date": "2019-07-30T17:15:12.263000",
        "db": "NVD",
        "id": "CVE-2019-10129"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-06-04T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-16482"
      },
      {
        "date": "2023-02-03T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-10129"
      },
      {
        "date": "2019-05-09T00:00:00",
        "db": "BID",
        "id": "108506"
      },
      {
        "date": "2019-08-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-007133"
      },
      {
        "date": "2020-12-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-333"
      },
      {
        "date": "2024-11-21T04:18:28.557000",
        "db": "NVD",
        "id": "CVE-2019-10129"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "152824"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-333"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "postgresql Vulnerable to information disclosure",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007133"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-333"
      }
    ],
    "trust": 0.6
  }
}

ghsa-8f7w-x9j5-q7c8

Vulnerability from github

Published

2022-05-24 16:51

Modified

2023-02-03 15:31

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-10129"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-07-30T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploit prerequisites are the same as for CVE-2018-1052).",
  "id": "GHSA-8f7w-x9j5-q7c8",
  "modified": "2023-02-03T15:31:17Z",
  "published": "2022-05-24T16:51:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10129"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10129"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202003-03"
    },
    {
      "type": "WEB",
      "url": "https://www.postgresql.org/about/news/1939"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

opensuse-su-2024:11185-1

Vulnerability from csaf_opensuse

Published

2024-06-15 00:00

Modified

2024-06-15 00:00

Summary

postgresql11-11.13-1.3 on GA media

Notes

Title of the patch

postgresql11-11.13-1.3 on GA media

Description of the patch

These are all security issues fixed in the postgresql11-11.13-1.3 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2024-11185

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "postgresql11-11.13-1.3 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the postgresql11-11.13-1.3 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-11185",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11185-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-10925 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-10925/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-16850 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-16850/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-10129 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-10129/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-10130 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-10130/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-10164 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-10164/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-10208 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-10208/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-10209 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-10209/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-14349 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-14349/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-14350 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-14350/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-1720 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-1720/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-25694 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-25694/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-25695 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-25695/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-25696 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-25696/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-32027 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-32027/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-32028 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-32028/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-32029 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-32029/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-3393 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-3393/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-3677 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-3677/"
      }
    ],
    "title": "postgresql11-11.13-1.3 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:11185-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "postgresql11-11.13-1.3.aarch64",
                "product": {
                  "name": "postgresql11-11.13-1.3.aarch64",
                  "product_id": "postgresql11-11.13-1.3.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-contrib-11.13-1.3.aarch64",
                "product": {
                  "name": "postgresql11-contrib-11.13-1.3.aarch64",
                  "product_id": "postgresql11-contrib-11.13-1.3.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-devel-11.13-1.3.aarch64",
                "product": {
                  "name": "postgresql11-devel-11.13-1.3.aarch64",
                  "product_id": "postgresql11-devel-11.13-1.3.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-docs-11.13-1.3.aarch64",
                "product": {
                  "name": "postgresql11-docs-11.13-1.3.aarch64",
                  "product_id": "postgresql11-docs-11.13-1.3.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-llvmjit-11.13-1.3.aarch64",
                "product": {
                  "name": "postgresql11-llvmjit-11.13-1.3.aarch64",
                  "product_id": "postgresql11-llvmjit-11.13-1.3.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-plperl-11.13-1.3.aarch64",
                "product": {
                  "name": "postgresql11-plperl-11.13-1.3.aarch64",
                  "product_id": "postgresql11-plperl-11.13-1.3.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-plpython-11.13-1.3.aarch64",
                "product": {
                  "name": "postgresql11-plpython-11.13-1.3.aarch64",
                  "product_id": "postgresql11-plpython-11.13-1.3.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-pltcl-11.13-1.3.aarch64",
                "product": {
                  "name": "postgresql11-pltcl-11.13-1.3.aarch64",
                  "product_id": "postgresql11-pltcl-11.13-1.3.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-server-11.13-1.3.aarch64",
                "product": {
                  "name": "postgresql11-server-11.13-1.3.aarch64",
                  "product_id": "postgresql11-server-11.13-1.3.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-server-devel-11.13-1.3.aarch64",
                "product": {
                  "name": "postgresql11-server-devel-11.13-1.3.aarch64",
                  "product_id": "postgresql11-server-devel-11.13-1.3.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-test-11.13-1.3.aarch64",
                "product": {
                  "name": "postgresql11-test-11.13-1.3.aarch64",
                  "product_id": "postgresql11-test-11.13-1.3.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "postgresql11-11.13-1.3.ppc64le",
                "product": {
                  "name": "postgresql11-11.13-1.3.ppc64le",
                  "product_id": "postgresql11-11.13-1.3.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-contrib-11.13-1.3.ppc64le",
                "product": {
                  "name": "postgresql11-contrib-11.13-1.3.ppc64le",
                  "product_id": "postgresql11-contrib-11.13-1.3.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-devel-11.13-1.3.ppc64le",
                "product": {
                  "name": "postgresql11-devel-11.13-1.3.ppc64le",
                  "product_id": "postgresql11-devel-11.13-1.3.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-docs-11.13-1.3.ppc64le",
                "product": {
                  "name": "postgresql11-docs-11.13-1.3.ppc64le",
                  "product_id": "postgresql11-docs-11.13-1.3.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-llvmjit-11.13-1.3.ppc64le",
                "product": {
                  "name": "postgresql11-llvmjit-11.13-1.3.ppc64le",
                  "product_id": "postgresql11-llvmjit-11.13-1.3.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-plperl-11.13-1.3.ppc64le",
                "product": {
                  "name": "postgresql11-plperl-11.13-1.3.ppc64le",
                  "product_id": "postgresql11-plperl-11.13-1.3.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-plpython-11.13-1.3.ppc64le",
                "product": {
                  "name": "postgresql11-plpython-11.13-1.3.ppc64le",
                  "product_id": "postgresql11-plpython-11.13-1.3.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-pltcl-11.13-1.3.ppc64le",
                "product": {
                  "name": "postgresql11-pltcl-11.13-1.3.ppc64le",
                  "product_id": "postgresql11-pltcl-11.13-1.3.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-server-11.13-1.3.ppc64le",
                "product": {
                  "name": "postgresql11-server-11.13-1.3.ppc64le",
                  "product_id": "postgresql11-server-11.13-1.3.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-server-devel-11.13-1.3.ppc64le",
                "product": {
                  "name": "postgresql11-server-devel-11.13-1.3.ppc64le",
                  "product_id": "postgresql11-server-devel-11.13-1.3.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-test-11.13-1.3.ppc64le",
                "product": {
                  "name": "postgresql11-test-11.13-1.3.ppc64le",
                  "product_id": "postgresql11-test-11.13-1.3.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "postgresql11-11.13-1.3.s390x",
                "product": {
                  "name": "postgresql11-11.13-1.3.s390x",
                  "product_id": "postgresql11-11.13-1.3.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-contrib-11.13-1.3.s390x",
                "product": {
                  "name": "postgresql11-contrib-11.13-1.3.s390x",
                  "product_id": "postgresql11-contrib-11.13-1.3.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-devel-11.13-1.3.s390x",
                "product": {
                  "name": "postgresql11-devel-11.13-1.3.s390x",
                  "product_id": "postgresql11-devel-11.13-1.3.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-docs-11.13-1.3.s390x",
                "product": {
                  "name": "postgresql11-docs-11.13-1.3.s390x",
                  "product_id": "postgresql11-docs-11.13-1.3.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-llvmjit-11.13-1.3.s390x",
                "product": {
                  "name": "postgresql11-llvmjit-11.13-1.3.s390x",
                  "product_id": "postgresql11-llvmjit-11.13-1.3.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-plperl-11.13-1.3.s390x",
                "product": {
                  "name": "postgresql11-plperl-11.13-1.3.s390x",
                  "product_id": "postgresql11-plperl-11.13-1.3.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-plpython-11.13-1.3.s390x",
                "product": {
                  "name": "postgresql11-plpython-11.13-1.3.s390x",
                  "product_id": "postgresql11-plpython-11.13-1.3.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-pltcl-11.13-1.3.s390x",
                "product": {
                  "name": "postgresql11-pltcl-11.13-1.3.s390x",
                  "product_id": "postgresql11-pltcl-11.13-1.3.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-server-11.13-1.3.s390x",
                "product": {
                  "name": "postgresql11-server-11.13-1.3.s390x",
                  "product_id": "postgresql11-server-11.13-1.3.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-server-devel-11.13-1.3.s390x",
                "product": {
                  "name": "postgresql11-server-devel-11.13-1.3.s390x",
                  "product_id": "postgresql11-server-devel-11.13-1.3.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-test-11.13-1.3.s390x",
                "product": {
                  "name": "postgresql11-test-11.13-1.3.s390x",
                  "product_id": "postgresql11-test-11.13-1.3.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "postgresql11-11.13-1.3.x86_64",
                "product": {
                  "name": "postgresql11-11.13-1.3.x86_64",
                  "product_id": "postgresql11-11.13-1.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-contrib-11.13-1.3.x86_64",
                "product": {
                  "name": "postgresql11-contrib-11.13-1.3.x86_64",
                  "product_id": "postgresql11-contrib-11.13-1.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-devel-11.13-1.3.x86_64",
                "product": {
                  "name": "postgresql11-devel-11.13-1.3.x86_64",
                  "product_id": "postgresql11-devel-11.13-1.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-docs-11.13-1.3.x86_64",
                "product": {
                  "name": "postgresql11-docs-11.13-1.3.x86_64",
                  "product_id": "postgresql11-docs-11.13-1.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-llvmjit-11.13-1.3.x86_64",
                "product": {
                  "name": "postgresql11-llvmjit-11.13-1.3.x86_64",
                  "product_id": "postgresql11-llvmjit-11.13-1.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-plperl-11.13-1.3.x86_64",
                "product": {
                  "name": "postgresql11-plperl-11.13-1.3.x86_64",
                  "product_id": "postgresql11-plperl-11.13-1.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-plpython-11.13-1.3.x86_64",
                "product": {
                  "name": "postgresql11-plpython-11.13-1.3.x86_64",
                  "product_id": "postgresql11-plpython-11.13-1.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-pltcl-11.13-1.3.x86_64",
                "product": {
                  "name": "postgresql11-pltcl-11.13-1.3.x86_64",
                  "product_id": "postgresql11-pltcl-11.13-1.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-server-11.13-1.3.x86_64",
                "product": {
                  "name": "postgresql11-server-11.13-1.3.x86_64",
                  "product_id": "postgresql11-server-11.13-1.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-server-devel-11.13-1.3.x86_64",
                "product": {
                  "name": "postgresql11-server-devel-11.13-1.3.x86_64",
                  "product_id": "postgresql11-server-devel-11.13-1.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql11-test-11.13-1.3.x86_64",
                "product": {
                  "name": "postgresql11-test-11.13-1.3.x86_64",
                  "product_id": "postgresql11-test-11.13-1.3.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-11.13-1.3.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64"
        },
        "product_reference": "postgresql11-11.13-1.3.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-11.13-1.3.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le"
        },
        "product_reference": "postgresql11-11.13-1.3.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-11.13-1.3.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x"
        },
        "product_reference": "postgresql11-11.13-1.3.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-11.13-1.3.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64"
        },
        "product_reference": "postgresql11-11.13-1.3.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-contrib-11.13-1.3.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64"
        },
        "product_reference": "postgresql11-contrib-11.13-1.3.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-contrib-11.13-1.3.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le"
        },
        "product_reference": "postgresql11-contrib-11.13-1.3.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-contrib-11.13-1.3.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x"
        },
        "product_reference": "postgresql11-contrib-11.13-1.3.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-contrib-11.13-1.3.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64"
        },
        "product_reference": "postgresql11-contrib-11.13-1.3.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-devel-11.13-1.3.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64"
        },
        "product_reference": "postgresql11-devel-11.13-1.3.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-devel-11.13-1.3.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le"
        },
        "product_reference": "postgresql11-devel-11.13-1.3.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-devel-11.13-1.3.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x"
        },
        "product_reference": "postgresql11-devel-11.13-1.3.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-devel-11.13-1.3.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64"
        },
        "product_reference": "postgresql11-devel-11.13-1.3.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-docs-11.13-1.3.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64"
        },
        "product_reference": "postgresql11-docs-11.13-1.3.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-docs-11.13-1.3.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le"
        },
        "product_reference": "postgresql11-docs-11.13-1.3.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-docs-11.13-1.3.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x"
        },
        "product_reference": "postgresql11-docs-11.13-1.3.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-docs-11.13-1.3.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64"
        },
        "product_reference": "postgresql11-docs-11.13-1.3.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-llvmjit-11.13-1.3.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64"
        },
        "product_reference": "postgresql11-llvmjit-11.13-1.3.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-llvmjit-11.13-1.3.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le"
        },
        "product_reference": "postgresql11-llvmjit-11.13-1.3.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-llvmjit-11.13-1.3.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x"
        },
        "product_reference": "postgresql11-llvmjit-11.13-1.3.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-llvmjit-11.13-1.3.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64"
        },
        "product_reference": "postgresql11-llvmjit-11.13-1.3.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-plperl-11.13-1.3.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64"
        },
        "product_reference": "postgresql11-plperl-11.13-1.3.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-plperl-11.13-1.3.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le"
        },
        "product_reference": "postgresql11-plperl-11.13-1.3.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-plperl-11.13-1.3.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x"
        },
        "product_reference": "postgresql11-plperl-11.13-1.3.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-plperl-11.13-1.3.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64"
        },
        "product_reference": "postgresql11-plperl-11.13-1.3.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-plpython-11.13-1.3.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64"
        },
        "product_reference": "postgresql11-plpython-11.13-1.3.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-plpython-11.13-1.3.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le"
        },
        "product_reference": "postgresql11-plpython-11.13-1.3.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-plpython-11.13-1.3.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x"
        },
        "product_reference": "postgresql11-plpython-11.13-1.3.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-plpython-11.13-1.3.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64"
        },
        "product_reference": "postgresql11-plpython-11.13-1.3.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-pltcl-11.13-1.3.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64"
        },
        "product_reference": "postgresql11-pltcl-11.13-1.3.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-pltcl-11.13-1.3.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le"
        },
        "product_reference": "postgresql11-pltcl-11.13-1.3.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-pltcl-11.13-1.3.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x"
        },
        "product_reference": "postgresql11-pltcl-11.13-1.3.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-pltcl-11.13-1.3.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64"
        },
        "product_reference": "postgresql11-pltcl-11.13-1.3.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-server-11.13-1.3.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64"
        },
        "product_reference": "postgresql11-server-11.13-1.3.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-server-11.13-1.3.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le"
        },
        "product_reference": "postgresql11-server-11.13-1.3.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-server-11.13-1.3.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x"
        },
        "product_reference": "postgresql11-server-11.13-1.3.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-server-11.13-1.3.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64"
        },
        "product_reference": "postgresql11-server-11.13-1.3.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-server-devel-11.13-1.3.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64"
        },
        "product_reference": "postgresql11-server-devel-11.13-1.3.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-server-devel-11.13-1.3.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le"
        },
        "product_reference": "postgresql11-server-devel-11.13-1.3.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-server-devel-11.13-1.3.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x"
        },
        "product_reference": "postgresql11-server-devel-11.13-1.3.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-server-devel-11.13-1.3.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64"
        },
        "product_reference": "postgresql11-server-devel-11.13-1.3.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-test-11.13-1.3.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64"
        },
        "product_reference": "postgresql11-test-11.13-1.3.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-test-11.13-1.3.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le"
        },
        "product_reference": "postgresql11-test-11.13-1.3.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-test-11.13-1.3.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x"
        },
        "product_reference": "postgresql11-test-11.13-1.3.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql11-test-11.13-1.3.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
        },
        "product_reference": "postgresql11-test-11.13-1.3.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-10925",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-10925"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed to properly check authorization on certain statements involved with \"INSERT ... ON CONFLICT DO UPDATE\". An attacker with \"CREATE TABLE\" privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain \"INSERT\" and limited \"UPDATE\" privileges to a particular table, they could exploit this to update other columns in the same table.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-10925",
          "url": "https://www.suse.com/security/cve/CVE-2018-10925"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1104202 for CVE-2018-10925",
          "url": "https://bugzilla.suse.com/1104202"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-10925"
    },
    {
      "cve": "CVE-2018-16850",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-16850"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-16850",
          "url": "https://www.suse.com/security/cve/CVE-2018-16850"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1114837 for CVE-2018-16850",
          "url": "https://bugzilla.suse.com/1114837"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2018-16850"
    },
    {
      "cve": "CVE-2019-10129",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-10129"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploit prerequisites are the same as for CVE-2018-1052).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-10129",
          "url": "https://www.suse.com/security/cve/CVE-2019-10129"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1134684 for CVE-2019-10129",
          "url": "https://bugzilla.suse.com/1134684"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-10129"
    },
    {
      "cve": "CVE-2019-10130",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-10130"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was found in PostgreSQL versions 11.x up to excluding 11.3, 10.x up to excluding 10.8, 9.6.x up to, excluding 9.6.13, 9.5.x up to, excluding 9.5.17. PostgreSQL maintains column statistics for tables. Certain statistics, such as histograms and lists of most common values, contain values taken from the column. PostgreSQL does not evaluate row security policies before consulting those statistics during query planning; an attacker can exploit this to read the most common values of certain columns. Affected columns are those for which the attacker has SELECT privilege and for which, in an ordinary query, row-level security prunes the set of rows visible to the attacker.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-10130",
          "url": "https://www.suse.com/security/cve/CVE-2019-10130"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1134689 for CVE-2019-10130",
          "url": "https://bugzilla.suse.com/1134689"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-10130"
    },
    {
      "cve": "CVE-2019-10164",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-10164"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user\u0027s own password to a purpose-crafted value. This often suffices to execute arbitrary code as the PostgreSQL operating system account.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-10164",
          "url": "https://www.suse.com/security/cve/CVE-2019-10164"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1138034 for CVE-2019-10164",
          "url": "https://bugzilla.suse.com/1138034"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-10164"
    },
    {
      "cve": "CVE-2019-10208",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-10208"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5.x before 9.5.19, 9.6.x before 9.6.15, 10.x before 10.10 and 11.x before 11.5 where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE permission on the function, can execute arbitrary SQL as the owner of the function.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-10208",
          "url": "https://www.suse.com/security/cve/CVE-2019-10208"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1145092 for CVE-2019-10208",
          "url": "https://bugzilla.suse.com/1145092"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1171566 for CVE-2019-10208",
          "url": "https://bugzilla.suse.com/1171566"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-10208"
    },
    {
      "cve": "CVE-2019-10209",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-10209"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-10209",
          "url": "https://www.suse.com/security/cve/CVE-2019-10209"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1145091 for CVE-2019-10209",
          "url": "https://bugzilla.suse.com/1145091"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.2,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2019-10209"
    },
    {
      "cve": "CVE-2020-14349",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-14349"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058, in order to execute arbitrary SQL command in the context of the user used for replication.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-14349",
          "url": "https://www.suse.com/security/cve/CVE-2020-14349"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1175193 for CVE-2020-14349",
          "url": "https://bugzilla.suse.com/1175193"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1176151 for CVE-2020-14349",
          "url": "https://bugzilla.suse.com/1176151"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1179499 for CVE-2020-14349",
          "url": "https://bugzilla.suse.com/1179499"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1179870 for CVE-2020-14349",
          "url": "https://bugzilla.suse.com/1179870"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-14349"
    },
    {
      "cve": "CVE-2020-14350",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-14350"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "It was found that some PostgreSQL extensions did not use search_path safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into executing a specially crafted script, during the installation or update of such extension. This affects PostgreSQL versions before 12.4, before 11.9, before 10.14, before 9.6.19, and before 9.5.23.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-14350",
          "url": "https://www.suse.com/security/cve/CVE-2020-14350"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1175194 for CVE-2020-14350",
          "url": "https://bugzilla.suse.com/1175194"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1176151 for CVE-2020-14350",
          "url": "https://bugzilla.suse.com/1176151"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1179115 for CVE-2020-14350",
          "url": "https://bugzilla.suse.com/1179115"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1179499 for CVE-2020-14350",
          "url": "https://bugzilla.suse.com/1179499"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1179870 for CVE-2020-14350",
          "url": "https://bugzilla.suse.com/1179870"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-14350"
    },
    {
      "cve": "CVE-2020-1720",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-1720"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in PostgreSQL\u0027s \"ALTER ... DEPENDS ON EXTENSION\", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function, triggers, et al., leading to database corruption. This issue affects PostgreSQL versions before 12.2, before 11.7, before 10.12 and before 9.6.17.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-1720",
          "url": "https://www.suse.com/security/cve/CVE-2020-1720"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1163985 for CVE-2020-1720",
          "url": "https://bugzilla.suse.com/1163985"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-1720"
    },
    {
      "cve": "CVE-2020-25694",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-25694"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters, an opportunity for a man-in-the-middle attack, or the ability to observe clear-text transmissions, could exist. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-25694",
          "url": "https://www.suse.com/security/cve/CVE-2020-25694"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178667 for CVE-2020-25694",
          "url": "https://bugzilla.suse.com/1178667"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1179870 for CVE-2020-25694",
          "url": "https://bugzilla.suse.com/1179870"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-25694"
    },
    {
      "cve": "CVE-2020-25695",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-25695"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-25695",
          "url": "https://www.suse.com/security/cve/CVE-2020-25695"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178666 for CVE-2020-25695",
          "url": "https://bugzilla.suse.com/1178666"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-25695"
    },
    {
      "cve": "CVE-2020-25696",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-25696"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If an interactive psql session uses \\gset when querying a compromised server, the attacker can execute arbitrary code as the operating system account running psql. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-25696",
          "url": "https://www.suse.com/security/cve/CVE-2020-25696"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178668 for CVE-2020-25696",
          "url": "https://bugzilla.suse.com/1178668"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1179870 for CVE-2020-25696",
          "url": "https://bugzilla.suse.com/1179870"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-25696"
    },
    {
      "cve": "CVE-2021-32027",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-32027"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-32027",
          "url": "https://www.suse.com/security/cve/CVE-2021-32027"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1185924 for CVE-2021-32027",
          "url": "https://bugzilla.suse.com/1185924"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-32027"
    },
    {
      "cve": "CVE-2021-32028",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-32028"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-32028",
          "url": "https://www.suse.com/security/cve/CVE-2021-32028"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1185925 for CVE-2021-32028",
          "url": "https://bugzilla.suse.com/1185925"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-32028"
    },
    {
      "cve": "CVE-2021-32029",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-32029"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in postgresql. Using an UPDATE ... RETURNING command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-32029",
          "url": "https://www.suse.com/security/cve/CVE-2021-32029"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1185926 for CVE-2021-32029",
          "url": "https://bugzilla.suse.com/1185926"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-32029"
    },
    {
      "cve": "CVE-2021-3393",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-3393"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. A user having UPDATE permission but not SELECT permission to a particular column could craft queries which, under some circumstances, might disclose values from that column in error messages. An attacker could use this flaw to obtain information stored in a column they are allowed to write but not read.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-3393",
          "url": "https://www.suse.com/security/cve/CVE-2021-3393"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182040 for CVE-2021-3393",
          "url": "https://bugzilla.suse.com/1182040"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2021-3393"
    },
    {
      "cve": "CVE-2021-3677",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-3677"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include max_worker_processes=0, the known versions of this attack are infeasible. However, undiscovered variants of the attack may be independent of that setting.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
          "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-3677",
          "url": "https://www.suse.com/security/cve/CVE-2021-3677"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1189748 for CVE-2021-3677",
          "url": "https://bugzilla.suse.com/1189748"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-contrib-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-docs-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-llvmjit-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plperl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-plpython-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-pltcl-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-server-devel-11.13-1.3.x86_64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.aarch64",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.ppc64le",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.s390x",
            "openSUSE Tumbleweed:postgresql11-test-11.13-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-3677"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2019-10129 (GCVE-0-2019-10129)

Vulnerability from cvelistv5

gsd-2019-10129

Vulnerability from gsd

cnvd-2019-16482

Vulnerability from cnvd

fkie_cve-2019-10129

Vulnerability from fkie_nvd

var-201907-1315

Vulnerability from variot

Synopsis

Affected packages

Description

Impact

Workaround

Resolution

References

Availability

Concerns?

License

postgresql-10, postgresql-11, postgresql-9.5 vulnerabilities

ghsa-8f7w-x9j5-q7c8

Vulnerability from github

opensuse-su-2024:11185-1

Vulnerability from csaf_opensuse

Tags

Sightings

Nomenclature