Download
| Alert*
oval:org.secpod.oval:def:89002581
This update for postgresql94 fixes the following issues: Security issues fixed: - CVE-2018-1058: Fixed uncontrolled search path element in pg_dump and other client applications . Bug fixes: - See release notes for details: * https://www.postgresql.org/docs/9.4/static/release-9-4-17.html * https://ww ... oval:org.secpod.oval:def:1600869 Uncontrolled search path element in pg_dump and other client applicationsA flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database oval:org.secpod.oval:def:89002190 This update for postgresql94 fixes the following issues: Security issues fixed: - CVE-2018-1058: Fixed uncontrolled search path element in pg_dump and other client applications . Bug fixes: - See release notes for details: * https://www.postgresql.org/docs/9.4/static/release-9-4-17.html * https://ww ... oval:org.secpod.oval:def:89002301 This update for postgresql96 fixes the following issues: Security issues fixed: - CVE-2018-1058: Fixed uncontrolled search path element in pg_dump and other client applications . Bug fixes: - See release notes for details: * https://www.postgresql.org/docs/9.6/static/release-9-6-8.html oval:org.secpod.oval:def:1801751 Fixed In Version: postgresql 12.4, postgresql 11.9, postgresql 10.14 oval:org.secpod.oval:def:505107 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: rh-postgresql95-postgresql . Security Fix: * postgresql: Certain host connection parameters defeat client-side security defenses * postgresql: Missing aut ... oval:org.secpod.oval:def:505047 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: rh-postgresql96-postgresql . Security Fix: * postgresql: Certain host connection parameters defeat client-side security defenses * postgresql: Missing aut ... oval:org.secpod.oval:def:45859 The host is installed with PostgreSQL 9.3 through 10 and is prone to a privilege escalation vulnerability. The flaw present in the application fails to prevent a user from modifying the behavior of a query for other users.. Successful exploitation allows attackers to execute code with the permission ... oval:org.secpod.oval:def:52091 postgresql-9.6: Object-relational SQL database - postgresql-9.5: Object-relational SQL database - postgresql-9.3: Object-relational SQL database PostgreSQL could be made to execute arbitrary code. oval:org.secpod.oval:def:704217 postgresql-9.6: Object-relational SQL database - postgresql-9.5: Object-relational SQL database - postgresql-9.3: Object-relational SQL database PostgreSQL could be made to execute arbitrary code. |