Published: 29/10/2019 Updated: 01/10/2020

CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8

CVSS v3 Base Score: 2.2 | Impact Score: 1.4 | Exploitability Score: 0.7

VMScore: 312

Vector: AV:N/AC:M/Au:S/C:P/I:N/A:N

Postgresql, versions 11.x prior to 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan.

Vulnerable Product	Search on Vulmon	Subscribe to Product
postgresql postgresql

Several security issues were fixed in PostgreSQL ...

Two security issues have been discovered in the PostgreSQL database system, which could result in privilege escalation, denial of service or memory disclosure For additional information please refer to the upstream announcement at wwwpostgresqlorg/about/news/1960/ For the stable distribution (buster), these problems have been fixed in ve ...

An issue has been found in PostgreSQL >= 110 and < 115 In a database containing hypothetical, user-defined hash equality operators, an attacker could read arbitrary bytes of server memory For an attack to become possible, a superuser would need to create unusual operators It is possible for operators not purpose-crafted for attack to hav ...

In a database containing hypothetical, user-defined hash equality operators, an attacker could read arbitrary bytes of server memory For an attack to become possible, a superuser would need to create unusual operators It is possible for operators not purpose-crafted for attack to have the properties that enable an attack, but we are not aware o ...

CWE-125 https://www.postgresql.org/about/news/1960/https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10209 https://usn.ubuntu.com/4090-1/https://nvd.nist.gov https://www.postgresql.org/support/security/CVE-2019-10209/

CVE-2019-10209

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect