Vulnerability-Lookup

RHSA-2024:0337

Vulnerability from csaf_redhat - Published: 2024-01-22 20:55 - Updated: 2026-03-18 02:31

Summary

Red Hat Security Advisory: RHACS 4.2 security update

Severity

Important

Notes

Topic: Updated images are now available for Red Hat Advanced Cluster Security 4.2.4. The updated images includes security fixes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: This release of RHACS 4.2.4 provides the following changes: * Fixed postgresql vulnerabilities in multiple images.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2023-5868

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory.

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE-686 - Function Call With Incorrect Argument Type

Affected products

Fixed 15 products

Product	Version	Remediation
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x	—	Vendor Fix fix Workaround

Known not affected 18 products

Product	Version	Remediation
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x	—	Workaround

Threats

Impact Moderate

CVE-2023-5869

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory.

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Fixed 15 products

Product	Version	Remediation
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x	—	Vendor Fix fix Workaround

Known not affected 18 products

Product	Version	Remediation
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x	—	Workaround

Threats

Impact Important

CVE-2023-5870

A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.

2.2 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 15 products

Product	Version	Remediation
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x	—	Vendor Fix fix Workaround

Known not affected 18 products

Product	Version	Remediation
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64	—	Workaround
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x	—	Workaround

Threats

Impact Low

CVE-2023-39417

IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Affected products

Fixed 15 products

Product	Version	Remediation
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x	—	Vendor Fix fix

Known not affected 18 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x		—
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64		—
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le		—
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64		—
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le		—
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x		—
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x		—
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le		—
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64		—
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le		—
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x		—
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64		—
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le		—
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64		—
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x		—
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le		—
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64		—
Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x		—

Threats

Impact Moderate

References

29 references

URL	Category
https://access.redhat.com/errata/RHSA-2024:0337	self
https://access.redhat.com/security/updates/classi…	external
https://docs.openshift.com/acs/4.2/release_notes/…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2228111	external
https://bugzilla.redhat.com/show_bug.cgi?id=2247168	external
https://bugzilla.redhat.com/show_bug.cgi?id=2247169	external
https://bugzilla.redhat.com/show_bug.cgi?id=2247170	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2023-5868	self
https://bugzilla.redhat.com/show_bug.cgi?id=2247168	external
https://www.cve.org/CVERecord?id=CVE-2023-5868	external
https://nvd.nist.gov/vuln/detail/CVE-2023-5868	external
https://www.postgresql.org/about/news/postgresql-…	external
https://www.postgresql.org/support/security/CVE-2…	external
https://access.redhat.com/security/cve/CVE-2023-5869	self
https://bugzilla.redhat.com/show_bug.cgi?id=2247169	external
https://www.cve.org/CVERecord?id=CVE-2023-5869	external
https://nvd.nist.gov/vuln/detail/CVE-2023-5869	external
https://www.postgresql.org/support/security/CVE-2…	external
https://access.redhat.com/security/cve/CVE-2023-5870	self
https://bugzilla.redhat.com/show_bug.cgi?id=2247170	external
https://www.cve.org/CVERecord?id=CVE-2023-5870	external
https://nvd.nist.gov/vuln/detail/CVE-2023-5870	external
https://www.postgresql.org/support/security/CVE-2…	external
https://access.redhat.com/security/cve/CVE-2023-39417	self
https://bugzilla.redhat.com/show_bug.cgi?id=2228111	external
https://www.cve.org/CVERecord?id=CVE-2023-39417	external
https://nvd.nist.gov/vuln/detail/CVE-2023-39417	external
https://www.postgresql.org/support/security/CVE-2…	external

Acknowledgments

Jingzhou Fu

Pedro Gallegos

Mahendrakar Srinivasarao Hemanth Sandrana

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated images are now available for Red Hat Advanced Cluster Security 4.2.4.\nThe updated images includes security fixes.\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "This release of RHACS 4.2.4 provides the following changes:\n\n* Fixed postgresql vulnerabilities in multiple images.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:0337",
        "url": "https://access.redhat.com/errata/RHSA-2024:0337"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://docs.openshift.com/acs/4.2/release_notes/42-release-notes.html",
        "url": "https://docs.openshift.com/acs/4.2/release_notes/42-release-notes.html"
      },
      {
        "category": "external",
        "summary": "2228111",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228111"
      },
      {
        "category": "external",
        "summary": "2247168",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247168"
      },
      {
        "category": "external",
        "summary": "2247169",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247169"
      },
      {
        "category": "external",
        "summary": "2247170",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247170"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0337.json"
      }
    ],
    "title": "Red Hat Security Advisory: RHACS 4.2 security update",
    "tracking": {
      "current_release_date": "2026-03-18T02:31:28+00:00",
      "generator": {
        "date": "2026-03-18T02:31:28+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.7.3"
        }
      },
      "id": "RHSA-2024:0337",
      "initial_release_date": "2024-01-22T20:55:21+00:00",
      "revision_history": [
        {
          "date": "2024-01-22T20:55:21+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-01-22T20:55:21+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-03-18T02:31:28+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "RHACS 4.2 for RHEL 8",
                "product": {
                  "name": "RHACS 4.2 for RHEL 8",
                  "product_id": "8Base-RHACS-4.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Advanced Cluster Security for Kubernetes"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
                "product": {
                  "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
                  "product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
                "product": {
                  "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
                  "product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.2.4-7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
                "product": {
                  "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
                  "product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.2.4-7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
                "product": {
                  "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
                  "product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
                "product": {
                  "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
                  "product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.2.4-7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
                "product": {
                  "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
                  "product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
                "product": {
                  "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
                  "product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
                  "product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
                  "product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
                  "product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.2.4-7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
                  "product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.2.4-7"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
                "product": {
                  "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
                  "product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
                "product": {
                  "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
                  "product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.2.4-7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
                "product": {
                  "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
                  "product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.2.4-7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
                "product": {
                  "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
                  "product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
                "product": {
                  "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
                  "product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.2.4-7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
                "product": {
                  "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
                  "product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
                "product": {
                  "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
                  "product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
                  "product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
                  "product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x",
                  "product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.2.4-7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x",
                  "product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.2.4-7"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
                  "product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
                  "product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.2.4-7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
                  "product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.2.4-7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
                  "product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
                  "product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.2.4-7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
                  "product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
                  "product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
                  "product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
                  "product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
                  "product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.2.4-7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
                  "product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.2.4-7"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le"
        },
        "product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x"
        },
        "product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64 as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x"
        },
        "product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64 as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le"
        },
        "product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64 as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le"
        },
        "product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x"
        },
        "product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64 as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le"
        },
        "product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x"
        },
        "product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le"
        },
        "product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64 as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x"
        },
        "product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x"
        },
        "product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le"
        },
        "product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64 as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le"
        },
        "product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x"
        },
        "product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64 as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64 as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64 as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64 as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64 as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Jingzhou Fu"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2023-5868",
      "cwe": {
        "id": "CWE-686",
        "name": "Function Call With Incorrect Argument Type"
      },
      "discovery_date": "2023-10-31T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2247168"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with \u0027unknown\u0027-type arguments. Handling \u0027unknown\u0027-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "postgresql: Memory disclosure in aggregate function calls",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x"
        ],
        "known_not_affected": [
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-5868"
        },
        {
          "category": "external",
          "summary": "RHBZ#2247168",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247168"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-5868",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-5868"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5868",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5868"
        },
        {
          "category": "external",
          "summary": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/",
          "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/"
        },
        {
          "category": "external",
          "summary": "https://www.postgresql.org/support/security/CVE-2023-5868/",
          "url": "https://www.postgresql.org/support/security/CVE-2023-5868/"
        }
      ],
      "release_date": "2023-11-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-01-22T20:55:21+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0337"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "postgresql: Memory disclosure in aggregate function calls"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Pedro Gallegos"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2023-5869",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2023-10-31T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2247169"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server\u0027s memory.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "postgresql: Buffer overrun from integer overflow in array modification",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x"
        ],
        "known_not_affected": [
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-5869"
        },
        {
          "category": "external",
          "summary": "RHBZ#2247169",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247169"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-5869",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-5869"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5869",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5869"
        },
        {
          "category": "external",
          "summary": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/",
          "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/"
        },
        {
          "category": "external",
          "summary": "https://www.postgresql.org/support/security/CVE-2023-5869/",
          "url": "https://www.postgresql.org/support/security/CVE-2023-5869/"
        }
      ],
      "release_date": "2023-11-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-01-22T20:55:21+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0337"
        },
        {
          "category": "workaround",
          "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
          "product_ids": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "postgresql: Buffer overrun from integer overflow in array modification"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Mahendrakar Srinivasarao",
            "Hemanth Sandrana"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2023-5870",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-10-31T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2247170"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "postgresql: Role pg_signal_backend can signal certain superuser processes.",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Although the NVD assigns this issue a Moderate rating, Red Hat classifies it as Low severity because the practical impact is limited and requires multiple specific conditions. The vulnerability allows a privileged database role (pg_signal_backend) to send signals to certain background worker processes. However, PostgreSQL\u2019s core background workers are designed to safely handle such signals and automatically recover without disrupting the database service.\n\nFor a denial-of-service condition to occur, the system must be running a non-core extension that introduces a custom background worker which is not designed to restart safely after receiving a signal. In other words, the issue does not affect standard PostgreSQL installations and only impacts specialized configurations using third-party extensions. Even in affected scenarios, the impact is limited to disruption of a specific auxiliary background task and does not result in complete database failure, data loss, or compromise of confidentiality or integrity.\n\nBecause exploitation requires a high-privileged user and affects only certain non-default configurations with limited operational impact, Red Hat considers the real-world risk to be Low.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x"
        ],
        "known_not_affected": [
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-5870"
        },
        {
          "category": "external",
          "summary": "RHBZ#2247170",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247170"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-5870",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-5870"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5870",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5870"
        },
        {
          "category": "external",
          "summary": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/",
          "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/"
        },
        {
          "category": "external",
          "summary": "https://www.postgresql.org/support/security/CVE-2023-5870/",
          "url": "https://www.postgresql.org/support/security/CVE-2023-5870/"
        }
      ],
      "release_date": "2023-11-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-01-22T20:55:21+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0337"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 2.2,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "postgresql: Role pg_signal_backend can signal certain superuser processes."
    },
    {
      "cve": "CVE-2023-39417",
      "cwe": {
        "id": "CWE-89",
        "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
      },
      "discovery_date": "2023-08-01T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2228111"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, \u0027\u0027, or \"\"). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "postgresql: extension script @substitutions@ within quoting allow SQL injection",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Bundled extensions are not vulnerable. Also, PostgreSQL will block this attack in the core server, so there\u0027s no need to modify individual extensions.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x"
        ],
        "known_not_affected": [
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-39417"
        },
        {
          "category": "external",
          "summary": "RHBZ#2228111",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228111"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-39417",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-39417"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39417",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39417"
        },
        {
          "category": "external",
          "summary": "https://www.postgresql.org/support/security/CVE-2023-39417",
          "url": "https://www.postgresql.org/support/security/CVE-2023-39417"
        }
      ],
      "release_date": "2023-08-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-01-22T20:55:21+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0337"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "postgresql: extension script @substitutions@ within quoting allow SQL injection"
    }
  ]
}

CVE-2023-5868 (GCVE-0-2023-5868)

Vulnerability from cvelistv5 – Published: 2023-12-10 17:56 – Updated: 2026-03-12 05:21

Title

Postgresql: memory disclosure in aggregate function calls

Summary

Severity ?

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-686 - Function Call With Incorrect Argument Type

Assigner

redhat

References

25 references

URL	Tags
https://access.redhat.com/errata/RHSA-2023:7545	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7579	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7580	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7581	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7616	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7656	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7666	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7667	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7694	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7695	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7714	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7770	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7772	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7784	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7785	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7883	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7884	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7885	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0304	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0332	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0337	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-5868	vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2247168	issue-trackingx_refsource_REDHAT
https://www.postgresql.org/about/news/postgresql-…
https://www.postgresql.org/support/security/CVE-2…

Impacted products

45 products

Vendor	Product	Version
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-7 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-7 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231114113712.a75119d5 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231128173330.a75119d5 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231114113548.a75119d5 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 8020020231128165246.4cda2c84 , < * (rpm) cpe:/a:redhat:rhel_tus:8.2::appstream cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_e4s:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Telecommunications Update Service	Unaffected: 8020020231128165246.4cda2c84 , < * (rpm) cpe:/a:redhat:rhel_tus:8.2::appstream cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_e4s:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions	Unaffected: 8020020231128165246.4cda2c84 , < * (rpm) cpe:/a:redhat:rhel_tus:8.2::appstream cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_e4s:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 8040020231127153301.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 8040020231127154806.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service	Unaffected: 8040020231127153301.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service	Unaffected: 8040020231127154806.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	Unaffected: 8040020231127153301.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	Unaffected: 8040020231127154806.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	Unaffected: 8060020231114115246.ad008a3a , < * (rpm) cpe:/a:redhat:rhel_eus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	Unaffected: 8060020231128165328.ad008a3a , < * (rpm) cpe:/a:redhat:rhel_eus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231114105206.63b34585 , < * (rpm) cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231128165335.63b34585 , < * (rpm) cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231113134015.63b34585 , < * (rpm) cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:13.13-1.el9_3 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 9030020231120082734.rhel9 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support	Unaffected: 0:13.13-1.el9_0 , < * (rpm) cpe:/a:redhat:rhel_eus:9.0::appstream cpe:/a:redhat:rhel_eus:9.0::crb
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 0:13.13-1.el9_2 , < * (rpm) cpe:/a:redhat:rhel_eus:9.2::crb cpe:/a:redhat:rhel_eus:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 9020020231115020618.rhel9 , < * (rpm) cpe:/a:redhat:rhel_eus:9.2::appstream
Red Hat	Red Hat Software Collections for Red Hat Enterprise Linux 7	Unaffected: 0:12.17-1.el7 , < * (rpm) cpe:/a:redhat:rhel_software_collections:3::el7
Red Hat	Red Hat Software Collections for Red Hat Enterprise Linux 7	Unaffected: 0:13.13-1.el7 , < * (rpm) cpe:/a:redhat:rhel_software_collections:3::el7
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-7 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9
Red Hat	Red Hat Software Collections	cpe:/a:redhat:rhel_software_collections:3

Date Public ?

2023-11-09 00:00

Credits

Upstream acknowledges Jingzhou Fu as the original reporter.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:25:50.319Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2023:7545",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7545"
          },
          {
            "name": "RHSA-2023:7579",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7579"
          },
          {
            "name": "RHSA-2023:7580",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7580"
          },
          {
            "name": "RHSA-2023:7581",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7581"
          },
          {
            "name": "RHSA-2023:7616",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7616"
          },
          {
            "name": "RHSA-2023:7656",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7656"
          },
          {
            "name": "RHSA-2023:7666",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7666"
          },
          {
            "name": "RHSA-2023:7667",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7667"
          },
          {
            "name": "RHSA-2023:7694",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7694"
          },
          {
            "name": "RHSA-2023:7695",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7695"
          },
          {
            "name": "RHSA-2023:7714",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7714"
          },
          {
            "name": "RHSA-2023:7770",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7770"
          },
          {
            "name": "RHSA-2023:7772",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7772"
          },
          {
            "name": "RHSA-2023:7784",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7784"
          },
          {
            "name": "RHSA-2023:7785",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7785"
          },
          {
            "name": "RHSA-2023:7883",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7883"
          },
          {
            "name": "RHSA-2023:7884",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7884"
          },
          {
            "name": "RHSA-2023:7885",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7885"
          },
          {
            "name": "RHSA-2024:0304",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0304"
          },
          {
            "name": "RHSA-2024:0332",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0332"
          },
          {
            "name": "RHSA-2024:0337",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0337"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-5868"
          },
          {
            "name": "RHBZ#2247168",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247168"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240119-0003/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.postgresql.org/support/security/CVE-2023-5868/"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231114113712.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231128173330.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231114113548.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020231114115246.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020231128165328.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231114105206.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231128165335.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231113134015.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "9030020231120082734.rhel9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::appstream",
            "cpe:/a:redhat:rhel_eus:9.0::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::crb",
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "9020020231115020618.rhel9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3::el7"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql12-postgresql",
          "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:12.17-1.el7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3::el7"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql13-postgresql",
          "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:10/postgresql",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "postgresql:16/postgresql",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "postgresql:16/postgresql",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql10-postgresql",
          "product": "Red Hat Software Collections",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Upstream acknowledges Jingzhou Fu as the original reporter."
        }
      ],
      "datePublic": "2023-11-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with \u0027unknown\u0027-type arguments. Handling \u0027unknown\u0027-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-686",
              "description": "Function Call With Incorrect Argument Type",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-12T05:21:09.981Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2023:7545",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7545"
        },
        {
          "name": "RHSA-2023:7579",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7579"
        },
        {
          "name": "RHSA-2023:7580",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7580"
        },
        {
          "name": "RHSA-2023:7581",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7581"
        },
        {
          "name": "RHSA-2023:7616",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7616"
        },
        {
          "name": "RHSA-2023:7656",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7656"
        },
        {
          "name": "RHSA-2023:7666",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7666"
        },
        {
          "name": "RHSA-2023:7667",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7667"
        },
        {
          "name": "RHSA-2023:7694",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7694"
        },
        {
          "name": "RHSA-2023:7695",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7695"
        },
        {
          "name": "RHSA-2023:7714",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7714"
        },
        {
          "name": "RHSA-2023:7770",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7770"
        },
        {
          "name": "RHSA-2023:7772",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7772"
        },
        {
          "name": "RHSA-2023:7784",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7784"
        },
        {
          "name": "RHSA-2023:7785",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7785"
        },
        {
          "name": "RHSA-2023:7883",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7883"
        },
        {
          "name": "RHSA-2023:7884",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7884"
        },
        {
          "name": "RHSA-2023:7885",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7885"
        },
        {
          "name": "RHSA-2024:0304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0304"
        },
        {
          "name": "RHSA-2024:0332",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0332"
        },
        {
          "name": "RHSA-2024:0337",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0337"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-5868"
        },
        {
          "name": "RHBZ#2247168",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247168"
        },
        {
          "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/"
        },
        {
          "url": "https://www.postgresql.org/support/security/CVE-2023-5868/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-10-31T00:00:00.000Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-11-09T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Postgresql: memory disclosure in aggregate function calls",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-686: Function Call With Incorrect Argument Type"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-5868",
    "datePublished": "2023-12-10T17:56:57.176Z",
    "dateReserved": "2023-10-31T03:56:17.314Z",
    "dateUpdated": "2026-03-12T05:21:09.981Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-39417 (GCVE-0-2023-39417)

Vulnerability from cvelistv5 – Published: 2023-08-11 12:19 – Updated: 2026-03-12 06:14

Title

Postgresql: extension script @substitutions@ within quoting allow sql injection

Summary

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Assigner

redhat

References

24 references

URL	Tags
https://access.redhat.com/errata/RHSA-2023:7545	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7579	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7580	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7581	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7616	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7656	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7666	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7667	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7694	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7695	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7714	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7770	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7772	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7784	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7785	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7883	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7884	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7885	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0304	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0332	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0337	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-39417	vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2228111	issue-trackingx_refsource_REDHAT
https://www.postgresql.org/support/security/CVE-2…

Impacted products

43 products

Vendor	Product	Version
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-7 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-7 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231114113712.a75119d5 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231128173330.a75119d5 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231114113548.a75119d5 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 8020020231128165246.4cda2c84 , < * (rpm) cpe:/a:redhat:rhel_tus:8.2::appstream cpe:/a:redhat:rhel_e4s:8.2::appstream cpe:/a:redhat:rhel_aus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Telecommunications Update Service	Unaffected: 8020020231128165246.4cda2c84 , < * (rpm) cpe:/a:redhat:rhel_tus:8.2::appstream cpe:/a:redhat:rhel_e4s:8.2::appstream cpe:/a:redhat:rhel_aus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions	Unaffected: 8020020231128165246.4cda2c84 , < * (rpm) cpe:/a:redhat:rhel_tus:8.2::appstream cpe:/a:redhat:rhel_e4s:8.2::appstream cpe:/a:redhat:rhel_aus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 8040020231127153301.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 8040020231127154806.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service	Unaffected: 8040020231127153301.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service	Unaffected: 8040020231127154806.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	Unaffected: 8040020231127153301.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	Unaffected: 8040020231127154806.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	Unaffected: 8060020231114115246.ad008a3a , < * (rpm) cpe:/a:redhat:rhel_eus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	Unaffected: 8060020231128165328.ad008a3a , < * (rpm) cpe:/a:redhat:rhel_eus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231114105206.63b34585 , < * (rpm) cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231128165335.63b34585 , < * (rpm) cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231113134015.63b34585 , < * (rpm) cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:13.13-1.el9_3 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::crb cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 9030020231120082734.rhel9 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support	Unaffected: 0:13.13-1.el9_0 , < * (rpm) cpe:/a:redhat:rhel_eus:9.0::appstream cpe:/a:redhat:rhel_eus:9.0::crb
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 0:13.13-1.el9_2 , < * (rpm) cpe:/a:redhat:rhel_eus:9.2::appstream cpe:/a:redhat:rhel_eus:9.2::crb
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 9020020231115020618.rhel9 , < * (rpm) cpe:/a:redhat:rhel_eus:9.2::appstream
Red Hat	Red Hat Software Collections for Red Hat Enterprise Linux 7	Unaffected: 0:12.17-1.el7 , < * (rpm) cpe:/a:redhat:rhel_software_collections:3::el7
Red Hat	Red Hat Software Collections for Red Hat Enterprise Linux 7	Unaffected: 0:13.13-1.el7 , < * (rpm) cpe:/a:redhat:rhel_software_collections:3::el7
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-7 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Software Collections	cpe:/a:redhat:rhel_software_collections:3

Date Public ?

2023-08-10 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-39417",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-09T13:38:12.203477Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-09T13:38:20.616Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T18:10:20.829Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2023:7545",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7545"
          },
          {
            "name": "RHSA-2023:7579",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7579"
          },
          {
            "name": "RHSA-2023:7580",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7580"
          },
          {
            "name": "RHSA-2023:7581",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7581"
          },
          {
            "name": "RHSA-2023:7616",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7616"
          },
          {
            "name": "RHSA-2023:7656",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7656"
          },
          {
            "name": "RHSA-2023:7666",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7666"
          },
          {
            "name": "RHSA-2023:7667",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7667"
          },
          {
            "name": "RHSA-2023:7694",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7694"
          },
          {
            "name": "RHSA-2023:7695",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7695"
          },
          {
            "name": "RHSA-2023:7714",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7714"
          },
          {
            "name": "RHSA-2023:7770",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7770"
          },
          {
            "name": "RHSA-2023:7772",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7772"
          },
          {
            "name": "RHSA-2023:7784",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7784"
          },
          {
            "name": "RHSA-2023:7785",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7785"
          },
          {
            "name": "RHSA-2023:7883",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7883"
          },
          {
            "name": "RHSA-2023:7884",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7884"
          },
          {
            "name": "RHSA-2023:7885",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7885"
          },
          {
            "name": "RHSA-2024:0304",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0304"
          },
          {
            "name": "RHSA-2024:0332",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0332"
          },
          {
            "name": "RHSA-2024:0337",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0337"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-39417"
          },
          {
            "name": "RHBZ#2228111",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228111"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00003.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20230915-0002/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5553"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5554"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.postgresql.org/support/security/CVE-2023-39417"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231114113712.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231128173330.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231114113548.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020231114115246.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020231128165328.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231114105206.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231128165335.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231113134015.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "9030020231120082734.rhel9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::appstream",
            "cpe:/a:redhat:rhel_eus:9.0::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream",
            "cpe:/a:redhat:rhel_eus:9.2::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "9020020231115020618.rhel9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3::el7"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql12-postgresql",
          "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:12.17-1.el7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3::el7"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql13-postgresql",
          "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "postgresql:10/postgresql",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql10-postgresql",
          "product": "Red Hat Software Collections",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2023-08-10T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, \u0027\u0027, or \"\"). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-89",
              "description": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-12T06:14:20.423Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2023:7545",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7545"
        },
        {
          "name": "RHSA-2023:7579",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7579"
        },
        {
          "name": "RHSA-2023:7580",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7580"
        },
        {
          "name": "RHSA-2023:7581",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7581"
        },
        {
          "name": "RHSA-2023:7616",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7616"
        },
        {
          "name": "RHSA-2023:7656",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7656"
        },
        {
          "name": "RHSA-2023:7666",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7666"
        },
        {
          "name": "RHSA-2023:7667",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7667"
        },
        {
          "name": "RHSA-2023:7694",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7694"
        },
        {
          "name": "RHSA-2023:7695",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7695"
        },
        {
          "name": "RHSA-2023:7714",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7714"
        },
        {
          "name": "RHSA-2023:7770",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7770"
        },
        {
          "name": "RHSA-2023:7772",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7772"
        },
        {
          "name": "RHSA-2023:7784",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7784"
        },
        {
          "name": "RHSA-2023:7785",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7785"
        },
        {
          "name": "RHSA-2023:7883",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7883"
        },
        {
          "name": "RHSA-2023:7884",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7884"
        },
        {
          "name": "RHSA-2023:7885",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7885"
        },
        {
          "name": "RHSA-2024:0304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0304"
        },
        {
          "name": "RHSA-2024:0332",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0332"
        },
        {
          "name": "RHSA-2024:0337",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0337"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-39417"
        },
        {
          "name": "RHBZ#2228111",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228111"
        },
        {
          "url": "https://www.postgresql.org/support/security/CVE-2023-39417"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-08-01T00:00:00.000Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-08-10T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Postgresql: extension script @substitutions@ within quoting allow sql injection",
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-39417",
    "datePublished": "2023-08-11T12:19:15.108Z",
    "dateReserved": "2023-08-01T09:31:02.842Z",
    "dateUpdated": "2026-03-12T06:14:20.423Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-5869 (GCVE-0-2023-5869)

Vulnerability from cvelistv5 – Published: 2023-12-10 17:56 – Updated: 2026-03-11 23:06

Title

Postgresql: buffer overrun from integer overflow in array modification

Summary

Severity ?

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-190 - Integer Overflow or Wraparound

Assigner

redhat

References

33 references

URL	Tags
https://access.redhat.com/errata/RHSA-2023:7545	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7579	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7580	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7581	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7616	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7656	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7666	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7667	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7694	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7695	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7714	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7770	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7771	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7772	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7778	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7783	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7784	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7785	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7786	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7788	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7789	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7790	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7878	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7883	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7884	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7885	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0304	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0332	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0337	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-5869	vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2247169	issue-trackingx_refsource_REDHAT
https://www.postgresql.org/about/news/postgresql-…
https://www.postgresql.org/support/security/CVE-2…

Impacted products

54 products

Vendor	Product	Version
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-7 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-7 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Enterprise Linux 7	Unaffected: 0:9.2.24-9.el7_9 , < * (rpm) cpe:/o:redhat:enterprise_linux:7::server cpe:/o:redhat:enterprise_linux:7::client cpe:/o:redhat:enterprise_linux:7::computenode cpe:/o:redhat:enterprise_linux:7::workstation
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231114113712.a75119d5 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231128173330.a75119d5 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231201202407.a75119d5 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231114113548.a75119d5 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions	Unaffected: 8010020231130170510.c27ad7f8 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.1::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 8020020231128165246.4cda2c84 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.2::appstream cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 8020020231201202149.4cda2c84 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.2::appstream cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Telecommunications Update Service	Unaffected: 8020020231128165246.4cda2c84 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.2::appstream cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Telecommunications Update Service	Unaffected: 8020020231201202149.4cda2c84 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.2::appstream cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions	Unaffected: 8020020231128165246.4cda2c84 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.2::appstream cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions	Unaffected: 8020020231201202149.4cda2c84 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.2::appstream cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 8040020231127153301.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 8040020231127154806.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 8040020231127142440.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service	Unaffected: 8040020231127153301.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service	Unaffected: 8040020231127154806.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service	Unaffected: 8040020231127142440.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	Unaffected: 8040020231127153301.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	Unaffected: 8040020231127154806.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	Unaffected: 8040020231127142440.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	Unaffected: 8060020231114115246.ad008a3a , < * (rpm) cpe:/a:redhat:rhel_eus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	Unaffected: 8060020231128165328.ad008a3a , < * (rpm) cpe:/a:redhat:rhel_eus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	Unaffected: 8060020231201202249.ad008a3a , < * (rpm) cpe:/a:redhat:rhel_eus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231114105206.63b34585 , < * (rpm) cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231128165335.63b34585 , < * (rpm) cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231201202316.63b34585 , < * (rpm) cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231113134015.63b34585 , < * (rpm) cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:13.13-1.el9_3 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::crb cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 9030020231120082734.rhel9 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support	Unaffected: 0:13.13-1.el9_0 , < * (rpm) cpe:/a:redhat:rhel_eus:9.0::appstream cpe:/a:redhat:rhel_eus:9.0::crb
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 0:13.13-1.el9_2 , < * (rpm) cpe:/a:redhat:rhel_eus:9.2::crb cpe:/a:redhat:rhel_eus:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 9020020231115020618.rhel9 , < * (rpm) cpe:/a:redhat:rhel_eus:9.2::appstream
Red Hat	Red Hat Software Collections for Red Hat Enterprise Linux 7	Unaffected: 0:12.17-1.el7 , < * (rpm) cpe:/a:redhat:rhel_software_collections:3::el7
Red Hat	Red Hat Software Collections for Red Hat Enterprise Linux 7	Unaffected: 0:10.23-2.el7 , < * (rpm) cpe:/a:redhat:rhel_software_collections:3::el7
Red Hat	Red Hat Software Collections for Red Hat Enterprise Linux 7	Unaffected: 0:13.13-1.el7 , < * (rpm) cpe:/a:redhat:rhel_software_collections:3::el7
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-7 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9

Date Public ?

2023-11-09 00:00

Credits

Upstream acknowledges Pedro Gallegos as the original reporter.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:25:51.452Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2023:7545",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7545"
          },
          {
            "name": "RHSA-2023:7579",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7579"
          },
          {
            "name": "RHSA-2023:7580",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7580"
          },
          {
            "name": "RHSA-2023:7581",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7581"
          },
          {
            "name": "RHSA-2023:7616",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7616"
          },
          {
            "name": "RHSA-2023:7656",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7656"
          },
          {
            "name": "RHSA-2023:7666",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7666"
          },
          {
            "name": "RHSA-2023:7667",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7667"
          },
          {
            "name": "RHSA-2023:7694",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7694"
          },
          {
            "name": "RHSA-2023:7695",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7695"
          },
          {
            "name": "RHSA-2023:7714",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7714"
          },
          {
            "name": "RHSA-2023:7770",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7770"
          },
          {
            "name": "RHSA-2023:7771",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7771"
          },
          {
            "name": "RHSA-2023:7772",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7772"
          },
          {
            "name": "RHSA-2023:7778",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7778"
          },
          {
            "name": "RHSA-2023:7783",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7783"
          },
          {
            "name": "RHSA-2023:7784",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7784"
          },
          {
            "name": "RHSA-2023:7785",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7785"
          },
          {
            "name": "RHSA-2023:7786",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7786"
          },
          {
            "name": "RHSA-2023:7788",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7788"
          },
          {
            "name": "RHSA-2023:7789",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7789"
          },
          {
            "name": "RHSA-2023:7790",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7790"
          },
          {
            "name": "RHSA-2023:7878",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7878"
          },
          {
            "name": "RHSA-2023:7883",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7883"
          },
          {
            "name": "RHSA-2023:7884",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7884"
          },
          {
            "name": "RHSA-2023:7885",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7885"
          },
          {
            "name": "RHSA-2024:0304",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0304"
          },
          {
            "name": "RHSA-2024:0332",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0332"
          },
          {
            "name": "RHSA-2024:0337",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0337"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-5869"
          },
          {
            "name": "RHBZ#2247169",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247169"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240119-0003/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.postgresql.org/support/security/CVE-2023-5869/"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7::server",
            "cpe:/o:redhat:enterprise_linux:7::client",
            "cpe:/o:redhat:enterprise_linux:7::computenode",
            "cpe:/o:redhat:enterprise_linux:7::workstation"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:9.2.24-9.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231114113712.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231128173330.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:10",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231201202407.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231114113548.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.1::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:10",
          "product": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8010020231130170510.c27ad7f8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:10",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231201202149.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:10",
          "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231201202149.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:10",
          "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231201202149.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:10",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127142440.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:10",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127142440.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:10",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127142440.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020231114115246.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020231128165328.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:10",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020231201202249.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231114105206.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231128165335.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:10",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231201202316.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231113134015.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "9030020231120082734.rhel9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::appstream",
            "cpe:/a:redhat:rhel_eus:9.0::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::crb",
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "9020020231115020618.rhel9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3::el7"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql12-postgresql",
          "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:12.17-1.el7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3::el7"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql10-postgresql",
          "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:10.23-2.el7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3::el7"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql13-postgresql",
          "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "postgresql:16/postgresql",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "postgresql:16/postgresql",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Upstream acknowledges Pedro Gallegos as the original reporter."
        }
      ],
      "datePublic": "2023-11-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server\u0027s memory."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-11T23:06:27.425Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2023:7545",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7545"
        },
        {
          "name": "RHSA-2023:7579",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7579"
        },
        {
          "name": "RHSA-2023:7580",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7580"
        },
        {
          "name": "RHSA-2023:7581",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7581"
        },
        {
          "name": "RHSA-2023:7616",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7616"
        },
        {
          "name": "RHSA-2023:7656",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7656"
        },
        {
          "name": "RHSA-2023:7666",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7666"
        },
        {
          "name": "RHSA-2023:7667",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7667"
        },
        {
          "name": "RHSA-2023:7694",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7694"
        },
        {
          "name": "RHSA-2023:7695",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7695"
        },
        {
          "name": "RHSA-2023:7714",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7714"
        },
        {
          "name": "RHSA-2023:7770",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7770"
        },
        {
          "name": "RHSA-2023:7771",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7771"
        },
        {
          "name": "RHSA-2023:7772",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7772"
        },
        {
          "name": "RHSA-2023:7778",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7778"
        },
        {
          "name": "RHSA-2023:7783",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7783"
        },
        {
          "name": "RHSA-2023:7784",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7784"
        },
        {
          "name": "RHSA-2023:7785",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7785"
        },
        {
          "name": "RHSA-2023:7786",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7786"
        },
        {
          "name": "RHSA-2023:7788",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7788"
        },
        {
          "name": "RHSA-2023:7789",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7789"
        },
        {
          "name": "RHSA-2023:7790",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7790"
        },
        {
          "name": "RHSA-2023:7878",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7878"
        },
        {
          "name": "RHSA-2023:7883",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7883"
        },
        {
          "name": "RHSA-2023:7884",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7884"
        },
        {
          "name": "RHSA-2023:7885",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7885"
        },
        {
          "name": "RHSA-2024:0304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0304"
        },
        {
          "name": "RHSA-2024:0332",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0332"
        },
        {
          "name": "RHSA-2024:0337",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0337"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-5869"
        },
        {
          "name": "RHBZ#2247169",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247169"
        },
        {
          "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/"
        },
        {
          "url": "https://www.postgresql.org/support/security/CVE-2023-5869/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-10-31T00:00:00.000Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-11-09T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Postgresql: buffer overrun from integer overflow in array modification",
      "workarounds": [
        {
          "lang": "en",
          "value": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-5869",
    "datePublished": "2023-12-10T17:56:57.131Z",
    "dateReserved": "2023-10-31T03:56:42.638Z",
    "dateUpdated": "2026-03-11T23:06:27.425Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-5870 (GCVE-0-2023-5870)

Vulnerability from cvelistv5 – Published: 2023-12-10 17:58 – Updated: 2026-03-02 17:25

Title

Postgresql: role pg_signal_backend can signal certain superuser processes.

Summary

Severity ?

2.2 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L

CWE

CWE-400 - Uncontrolled Resource Consumption

Assigner

redhat

References

25 references

URL	Tags
https://access.redhat.com/errata/RHSA-2023:7545	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7579	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7580	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7581	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7616	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7656	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7666	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7667	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7694	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7695	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7714	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7770	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7772	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7784	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7785	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7883	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7884	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7885	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0304	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0332	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0337	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-5870	vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2247170	issue-trackingx_refsource_REDHAT
https://www.postgresql.org/about/news/postgresql-…
https://www.postgresql.org/support/security/CVE-2…

Impacted products

45 products

Vendor	Product	Version
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-7 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-7 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231114113712.a75119d5 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231128173330.a75119d5 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231114113548.a75119d5 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 8020020231128165246.4cda2c84 , < * (rpm) cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream cpe:/a:redhat:rhel_e4s:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Telecommunications Update Service	Unaffected: 8020020231128165246.4cda2c84 , < * (rpm) cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream cpe:/a:redhat:rhel_e4s:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions	Unaffected: 8020020231128165246.4cda2c84 , < * (rpm) cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream cpe:/a:redhat:rhel_e4s:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 8040020231127153301.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 8040020231127154806.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service	Unaffected: 8040020231127153301.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service	Unaffected: 8040020231127154806.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	Unaffected: 8040020231127153301.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	Unaffected: 8040020231127154806.522a0ee4 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	Unaffected: 8060020231114115246.ad008a3a , < * (rpm) cpe:/a:redhat:rhel_eus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	Unaffected: 8060020231128165328.ad008a3a , < * (rpm) cpe:/a:redhat:rhel_eus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231114105206.63b34585 , < * (rpm) cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231128165335.63b34585 , < * (rpm) cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231113134015.63b34585 , < * (rpm) cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:13.13-1.el9_3 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::crb cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 9030020231120082734.rhel9 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support	Unaffected: 0:13.13-1.el9_0 , < * (rpm) cpe:/a:redhat:rhel_eus:9.0::appstream cpe:/a:redhat:rhel_eus:9.0::crb
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 0:13.13-1.el9_2 , < * (rpm) cpe:/a:redhat:rhel_eus:9.2::crb cpe:/a:redhat:rhel_eus:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 9020020231115020618.rhel9 , < * (rpm) cpe:/a:redhat:rhel_eus:9.2::appstream
Red Hat	Red Hat Software Collections for Red Hat Enterprise Linux 7	Unaffected: 0:12.17-1.el7 , < * (rpm) cpe:/a:redhat:rhel_software_collections:3::el7
Red Hat	Red Hat Software Collections for Red Hat Enterprise Linux 7	Unaffected: 0:13.13-1.el7 , < * (rpm) cpe:/a:redhat:rhel_software_collections:3::el7
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-7 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9
Red Hat	Red Hat Software Collections	cpe:/a:redhat:rhel_software_collections:3

Date Public ?

2023-11-09 00:00

Credits

Upstream acknowledges Hemanth Sandrana and Mahendrakar Srinivasarao as the original reporters.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:25:52.585Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2023:7545",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7545"
          },
          {
            "name": "RHSA-2023:7579",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7579"
          },
          {
            "name": "RHSA-2023:7580",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7580"
          },
          {
            "name": "RHSA-2023:7581",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7581"
          },
          {
            "name": "RHSA-2023:7616",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7616"
          },
          {
            "name": "RHSA-2023:7656",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7656"
          },
          {
            "name": "RHSA-2023:7666",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7666"
          },
          {
            "name": "RHSA-2023:7667",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7667"
          },
          {
            "name": "RHSA-2023:7694",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7694"
          },
          {
            "name": "RHSA-2023:7695",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7695"
          },
          {
            "name": "RHSA-2023:7714",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7714"
          },
          {
            "name": "RHSA-2023:7770",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7770"
          },
          {
            "name": "RHSA-2023:7772",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7772"
          },
          {
            "name": "RHSA-2023:7784",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7784"
          },
          {
            "name": "RHSA-2023:7785",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7785"
          },
          {
            "name": "RHSA-2023:7883",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7883"
          },
          {
            "name": "RHSA-2023:7884",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7884"
          },
          {
            "name": "RHSA-2023:7885",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7885"
          },
          {
            "name": "RHSA-2024:0304",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0304"
          },
          {
            "name": "RHSA-2024:0332",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0332"
          },
          {
            "name": "RHSA-2024:0337",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0337"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-5870"
          },
          {
            "name": "RHBZ#2247170",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247170"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240119-0003/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.postgresql.org/support/security/CVE-2023-5870/"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-5870",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2023-12-19T19:42:25.492582Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-02T17:04:19.568Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231114113712.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231128173330.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231114113548.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020231114115246.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020231128165328.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231114105206.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231128165335.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231113134015.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "9030020231120082734.rhel9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::appstream",
            "cpe:/a:redhat:rhel_eus:9.0::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::crb",
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "9020020231115020618.rhel9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3::el7"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql12-postgresql",
          "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:12.17-1.el7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3::el7"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql13-postgresql",
          "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:10/postgresql",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "postgresql:16/postgresql",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "postgresql:16/postgresql",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql10-postgresql",
          "product": "Red Hat Software Collections",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Upstream acknowledges Hemanth Sandrana and Mahendrakar Srinivasarao as the original reporters."
        }
      ],
      "datePublic": "2023-11-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 2.2,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-02T17:25:57.356Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2023:7545",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7545"
        },
        {
          "name": "RHSA-2023:7579",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7579"
        },
        {
          "name": "RHSA-2023:7580",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7580"
        },
        {
          "name": "RHSA-2023:7581",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7581"
        },
        {
          "name": "RHSA-2023:7616",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7616"
        },
        {
          "name": "RHSA-2023:7656",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7656"
        },
        {
          "name": "RHSA-2023:7666",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7666"
        },
        {
          "name": "RHSA-2023:7667",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7667"
        },
        {
          "name": "RHSA-2023:7694",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7694"
        },
        {
          "name": "RHSA-2023:7695",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7695"
        },
        {
          "name": "RHSA-2023:7714",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7714"
        },
        {
          "name": "RHSA-2023:7770",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7770"
        },
        {
          "name": "RHSA-2023:7772",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7772"
        },
        {
          "name": "RHSA-2023:7784",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7784"
        },
        {
          "name": "RHSA-2023:7785",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7785"
        },
        {
          "name": "RHSA-2023:7883",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7883"
        },
        {
          "name": "RHSA-2023:7884",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7884"
        },
        {
          "name": "RHSA-2023:7885",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7885"
        },
        {
          "name": "RHSA-2024:0304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0304"
        },
        {
          "name": "RHSA-2024:0332",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0332"
        },
        {
          "name": "RHSA-2024:0337",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0337"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-5870"
        },
        {
          "name": "RHBZ#2247170",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247170"
        },
        {
          "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/"
        },
        {
          "url": "https://www.postgresql.org/support/security/CVE-2023-5870/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-10-31T00:00:00.000Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-11-09T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Postgresql: role pg_signal_backend can signal certain superuser processes.",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-400: Uncontrolled Resource Consumption"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-5870",
    "datePublished": "2023-12-10T17:58:30.213Z",
    "dateReserved": "2023-10-31T03:56:58.366Z",
    "dateUpdated": "2026-03-02T17:25:57.356Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

RHSA-2024:0337

CVE-2023-5868 (GCVE-0-2023-5868)

CVE-2023-39417 (GCVE-0-2023-39417)

CVE-2023-5869 (GCVE-0-2023-5869)

CVE-2023-5870 (GCVE-0-2023-5870)

Tags

Sightings

Nomenclature