KLA11572
Multiple vulnerabilities in PostgreSQL

Обновлено: 03/06/2020

Дата обнаружения	09/05/2019
Уровень угрозы	Critical
Описание	Multiple vulnerabilities were found in PostgreSQL. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: A vulnerability in PostgreSQL can be exploited via reading the most common values of certain columns to bypass security restrictions; A vulnerability in PostgreSQL can be exploited via reading arbitrary data directory files to execute arbitrary code; A vulnerability in PostgreSQL can be exploited via reading arbitrary bytes of server memory to obtain sensitive information;
Пораженные продукты	PostgreSQL 11.x earlier than 11.3 PostgreSQL 10.x earlier than 10.8 PostgreSQL 9.6.x earlier than 9.6.13 PostgreSQL 9.5.x earlier than 9.5.17 PostgreSQL 9.4.x earlier than 9.4.22
Решение	Update to latest version Download PostgreSQL
Первичный источник обнаружения	PostgreSQL 11.3, 10.8, 9.6.13, 9.5.17, and 9.4.22 Released!
Оказываемое влияние ?	ACE [?] OSI [?] SB [?]
Связанные продукты	PostgreSQL
CVE-IDS	CVE-2019-101304.0Warning CVE-2019-101284.1Warning CVE-2019-101274.3Warning CVE-2019-101294.0Warning
	Узнай статистику распространения уязвимостей в твоем регионе

KLA11572Multiple vulnerabilities in PostgreSQL