Дата обнаружения
|
08/10/2015 |
Уровень угрозы
|
High |
Описание
|
Multiple serious vulnerabilities have been found in PostgreSQL. Malicious users can exploit these vulnerabilities to cause denial of service or obtain sensitive information. Below is a complete list of vulnerabilities
Technical details Vulnerability (1) caused by erroneous json or jsonb construction from input. (2) caused by crypt function and can be triggered via ‘too-short’ salt to read arbitrary server memory. |
Пораженные продукты
|
PostgreSQL versions earlier than 9.0.23 |
Решение
|
Update to the latest version |
Первичный источник обнаружения
|
Release note |
Оказываемое влияние
?
|
OSI
[?]
DoS
[?]
|
Связанные продукты
|
PostgreSQL |
CVE-IDS
|
|
Узнай статистику распространения уязвимостей в твоем регионе |