Lucene search
Arch LinuxASA-201505-17HistoryMay 26, 2015 - 12:00 a.m.
postgresql: multiple issues
2015-05-2600:00:00
Arch Linux
lists.archlinux.org
19
0.085 Low
EPSS
Percentile
94.5%
- CVE-2015-3165 (denial of service)
SSL clients disconnecting just before the authentication timeout expires
can cause the server to crash via a double-free issue leading to denial
of service.
- CVE-2015-3166 (information disclosure)
The replacement implementation of snprintf() failed to check for errors
reported by the underlying system library calls; the main case that
might be missed is out-of-memory situations. In the worst case this
might lead to information disclosure.
- CVE-2015-3167 (side-channel key exposure)
In contrib/pgcrypto, some cases of decryption with an incorrect key
could report other error message texts. Fix by using a one-size-fits-all
message.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| any | any | any | postgresql | < 9.4.2-1 | UNKNOWN |
Related
redhat
redhat
(RHSA-2015:1196) Moderate: rh-postgresql94-postgresql security update
2015-06-29 00:00:00
(RHSA-2015:1194) Moderate: postgresql security update
2015-06-29 00:00:00
(RHSA-2015:1195) Moderate: postgresql92-postgresql security update
2015-06-29 00:00:00
nessus
nessus
Ubuntu 14.04 LTS : PostgreSQL vulnerabilities (USN-2621-1)
2015-05-27 00:00:00
SUSE SLED11 / SLES11 Security Update : postgresql91 (SUSE-SU-2015:1091-1)
2015-06-23 00:00:00
CentOS 6 / 7 : postgresql (CESA-2015:1194)
2015-06-30 00:00:00
ubuntu
ubuntu
PostgreSQL vulnerabilities
2015-05-25 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2015:1264-1)
2021-04-19 00:00:00
Mageia: Security Advisory (MGASA-2015-0250)
2022-01-28 00:00:00
Debian Security Advisory DSA 3269-1 (postgresql-9.1 - security update)
2015-05-22 00:00:00
debian
debian
[SECURITY] [DSA 3269-2] postgresql-9.1 regression update
2015-05-31 04:55:56
[SECURITY] [DSA 3270-1] postgresql-9.4 security update
2015-05-22 15:18:39
[SECURITY] [DSA 3269-1] postgresql-9.1 security update
2015-05-22 15:09:19
osv
osv
postgresql-8.4 - security update
2015-05-29 00:00:00
postgresql-9.1 - regression update
2015-05-22 00:00:00
postgresql-9.1 - security update
2015-05-22 00:00:00
oraclelinux
oraclelinux
postgresql security update
2015-06-29 00:00:00
freebsd
freebsd
PostgreSQL -- minor security problems.
2015-04-10 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3270-1] postgresql-9.4 security update
2015-05-25 00:00:00
PostgreSQL multiple security vulnerabilities
2015-05-25 00:00:00
centos
centos
postgresql security update
2015-06-29 16:03:44
amazon
amazon
Medium: postgresql8
2015-07-07 12:29:00
Medium: postgresql93
2015-06-16 10:29:00
Medium: postgresql92
2015-06-16 10:29:00
mageia
mageia
Updated postgresql package fixes security vulnerability
2015-07-01 15:40:22
gentoo
gentoo
PostgreSQL: Multiple vulnerabilities
2015-07-18 00:00:00
ubuntucve
ubuntucve
kaspersky
kaspersky
KLA10592 Denial of service vulnerability in PostgreSQL
2015-05-28 00:00:00
veracode
veracode
Denial Of Service
2019-01-15 09:06:21
Authorization Bypass
2019-05-02 05:40:00
Weak Cryptographic Protection
2019-05-02 05:40:00
postgresql
postgresql
Vulnerability in core server (CVE-2015-3165)
2015-05-28 14:59:00
Vulnerability in contrib module (CVE-2015-3167)
2019-11-20 21:15:00
Vulnerability in core server (CVE-2015-3166)
2019-11-20 21:15:00
cve
cve
prion
prion
nvd
nvd
cvelist
cvelist
huawei
huawei
Security Advisory - Two Buffer Overflow Vulnerabilities in the GaussDB
2017-06-07 00:00:00