Searching
..

Click anywhere to stop

KLA49176
Multiple vulnerabilities in PostgreSQL

Обновлено: 25/01/2024
Дата обнаружения
11/05/2023
Уровень угрозы
High
Описание

Multiple vulnerabilities were found in PostgreSQL. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. Information disclosure vulnerability in Core server can be exploited remotely to obtain sensitive information.
  2. Remote code execution vulnerability in Core server can be exploited remotely to execute arbitrary code.
Пораженные продукты

PostgreSQL 15.x earlier than 15.3
PostgreSQL 14.x earlier than 14.8
PostgreSQL 13.x earlier than 13.11
PostgreSQL 12.x earlier than 12.15
PostgreSQL 11.x earlier than 11.20

Решение

Update to the latest version
Download PostgreSQL

Первичный источник обнаружения
PostgreSQL: CVE-2023-2454
PostgreSQL: CVE-2023-2455
Оказываемое влияние
?
ACE 
[?]

OSI 
[?]

SB 
[?]

PE 
[?]
Связанные продукты
PostgreSQL
CVE-IDS
Узнай статистику распространения уязвимостей в твоем регионе