Several vulnerabilities have been discovered in the PostgreSQL
database system
CVE-2023-5868
Jingzhou Fu discovered a memory disclosure flaw in aggregate
function calls
CVE-2023-5869
Pedro Gallegos reported integer overflow flaws resulting in buffer
overflows in the array modification functions
CVE-2023-5870
Hemanth Sandrana ...
Several vulnerabilities have been discovered in the PostgreSQL
database system
CVE-2023-5868
Jingzhou Fu discovered a memory disclosure flaw in aggregate
function calls
CVE-2023-5869
Pedro Gallegos reported integer overflow flaws resulting in buffer
overflows in the array modification functions
CVE-2023-5870
Hemanth Sandrana ...
Description<!----> This CVE is under investigation by Red Hat Product Security ...
Synopsis
Important: rh-postgresql13-postgresql security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for rh-postgresql13-postgresql is now available for Red Hat Software CollectionsRed Hat Product Sec ...
Synopsis
Important: rh-postgresql12-postgresql security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for rh-postgresql12-postgresql is now available for Red Hat Software CollectionsRed Hat Product Sec ...
Synopsis
Important: postgresql:12 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 84 Advanced Mission Critical Update S ...
Synopsis
Important: postgresql security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for postgresql is now available for Red Hat Enterprise Linux 90 Extended Update SupportRed Hat Product Security ha ...
Synopsis
Important: postgresql:12 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 86 Extended Update SupportRed Hat Pr ...
Synopsis
Important: postgresql:12 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 88 Extended Update SupportRed Hat Pr ...
概述
Important: postgresql:13 security update
类型/严重性
Security Advisory: Important
Red Hat Insights 补丁分析
识别并修复受此公告影响的系统。
查看受影响的系统
标题
An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this updat ...
概述
Important: postgresql:12 security update
类型/严重性
Security Advisory: Important
Red Hat Insights 补丁分析
识别并修复受此公告影响的系统。
查看受影响的系统
标题
An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 82 Advanced Update Support, Red Hat Enterprise ...
Synopsis
Important: postgresql security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for postgresql is now available for Red Hat Enterprise Linux 92 Extended Update SupportRed Hat Product Security ha ...
Synopsis
Important: ACS 41 enhancement update
Type/Severity
Security Advisory: Important
Topic
Updated images are now available for Red Hat Advanced Cluster Security 416 The updated images includes security fixesRed Hat Product Security has rated this update as having a security impact ofImportant A Common Vulnerability Scoring System ( ...
Synopsis
Important: RHACS 374 enhancement and security update
Type/Severity
Security Advisory: Important
Topic
Updated images are now available for Red Hat Advanced Cluster Security 374 The updated images includes bug and security fixesRed Hat Product Security has rated this update as having a security impact of Important A Common Vulner ...
Synopsis
Important: postgresql:13 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 86 Extended Update SupportRed Hat Pr ...
概述
Important: postgresql:15 security update
类型/严重性
Security Advisory: Important
Red Hat Insights 补丁分析
识别并修复受此公告影响的系统。
查看受影响的系统
标题
An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 92 Extended Update SupportRed Hat Product Sec ...
Synopsis
Important: postgresql:13 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 88 Extended Update SupportRed Hat Pr ...
概述
Important: postgresql:15 security update
类型/严重性
Security Advisory: Important
Red Hat Insights 补丁分析
识别并修复受此公告影响的系统。
查看受影响的系统
标题
An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 88 Extended Update SupportRed Hat Product Sec ...
Synopsis
Important: postgresql:15 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated t ...
Synopsis
Important: RHACS 42 security update
Type/Severity
Security Advisory: Important
Topic
Updated images are now available for Red Hat Advanced Cluster Security 424The updated images includes security fixesRed Hat Product Security has rated this update as having a security impact ofImportant A Common Vulnerability Scoring System (CV ...
Synopsis
Important: postgresql security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for postgresql is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this update as hav ...
Synopsis
Important: postgresql:13 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 84 Advanced Mission Critical Update S ...
Synopsis
Important: postgresql:15 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated t ...
Synopsis
Important: postgresql:12 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated t ...
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:@ inside a quoting construct (dollar quoting, '', or "") If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary ...
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:@ inside a quoting construct (dollar quoting, '', or "") If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary ...
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:@ inside a quoting construct (dollar quoting, '', or "") If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary ...
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:@ inside a quoting construct (dollar quoting, '', or "") If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary ...
An extension script
is vulnerable if it uses @extowner@, @extschema@, or @extschema:@
inside a quoting construct (dollar quoting, '', or "") No bundled extension
is vulnerable Vulnerable uses do appear in a documentation example and in
non-bundled extensions Hence, the attack prerequisite is an administrator
having installed files of a vulner ...