Lucene search
RedhatCVELIST:CVE-2019-10208HistoryOct 29, 2019 - 1:13 p.m.
CVE-2019-10208
2019-10-2913:13:12
CWE-89
redhat
www.cve.org
7
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
9.1
Confidence
High
EPSS
0.002
Percentile
57.0%
A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5.x before 9.5.19, 9.6.x before 9.6.15, 10.x before 10.10 and 11.x before 11.5 where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE permission on the function, can execute arbitrary SQL as the owner of the function.
CNA Affected
[
{
"product": "postgresql",
"vendor": "PostgreSQL",
"versions": [
{
"status": "affected",
"version": "all 11.x before 11.5"
},
{
"status": "affected",
"version": "all 10.x before 10.10"
},
{
"status": "affected",
"version": "all 9.6.x before 9.6.15"
},
{
"status": "affected",
"version": "all 9.5.x before 9.5.19"
},
{
"status": "affected",
"version": "all 9.4.x before 9.4.24"
}
]
}
]Related
suse
suse
Security update for postgresql10 (important)
2019-09-04 00:00:00
Security update for postgresql96, postgresql10 and postgresql12 (moderate)
2020-08-17 00:00:00
altlinux
altlinux
nessus
nessus
Photon OS 2.0: Postgresql PHSA-2019-2.0-0190
2019-12-31 00:00:00
Amazon Linux AMI : postgresql94 (ALAS-2020-1441)
2020-10-28 00:00:00
Photon OS 1.0: Postgresql PHSA-2019-1.0-0257
2019-12-31 00:00:00
prion
prion
Sql injection
2019-10-29 19:15:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2019:2159-1)
2021-04-19 00:00:00
Debian: Security Advisory (DSA-4492-1)
2019-08-10 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:2228-1)
2021-06-09 00:00:00
amazon
amazon
Medium: postgresql94
2020-10-26 18:25:00
Medium: postgresql95
2020-10-26 18:27:00
Important: postgresql92
2021-07-08 18:38:00
redhatcve
redhatcve
CVE-2019-10208
2019-08-08 18:52:21
ubuntucve
ubuntucve
CVE-2019-10208
2019-08-08 00:00:00
veracode
veracode
SQL Injection
2020-10-23 08:59:59
cve
cve
CVE-2019-10208
2019-10-29 19:15:16
debian
debian
[SECURITY] [DSA 4492-1] postgresql-9.6 security update
2019-08-08 20:19:59
[SECURITY] [DSA 4493-1] postgresql-11 security update
2019-08-08 20:24:41
[SECURITY] [DLA-1874-1] postgresql-9.4 security update
2019-08-09 08:33:57
alpinelinux
alpinelinux
CVE-2019-10208
2019-10-29 19:15:16
debiancve
debiancve
CVE-2019-10208
2019-10-29 19:15:16
osv
osv
CVE-2019-10208
2019-10-29 19:15:16
postgresql-9.6 - security update
2019-08-08 00:00:00
postgresql-9.4 - security update
2019-08-08 00:00:00
f5
f5
K10224912 : PostgreSQL vulnerability CVE-2019-10208
2020-07-27 00:00:00
nvd
nvd
CVE-2019-10208
2019-10-29 19:15:16
mageia
mageia
Updated postgresql packages fix security vulnerabilities
2019-08-18 15:39:41
postgresql
postgresql
Vulnerability in core server (CVE-2019-10208)
2019-08-08 00:00:00
ubuntu
ubuntu
PostgreSQL vulnerabilities
2019-08-09 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: libpq-11.5-1.fc30
2019-08-19 01:02:27
[SECURITY] Fedora 30 Update: postgresql-11.5-1.fc30
2019-08-19 01:02:28
[SECURITY] Fedora 29 Update: postgresql-10.10-1.fc29
2019-08-19 02:29:35
centos
centos
postgresql security update
2021-06-14 18:54:03
redhat
redhat
(RHSA-2021:1512) Important: postgresql security update
2021-05-06 09:02:33
(RHSA-2020:0980) Moderate: rh-postgresql10-postgresql security update
2020-03-26 11:47:39
(RHSA-2020:4295) Moderate: rh-postgresql96-postgresql security update
2020-10-21 12:43:33
archlinux
archlinux
[ASA-201908-8] postgresql: multiple issues
2019-08-10 00:00:00
[ASA-201908-7] postgresql-libs: multiple issues
2019-08-10 00:00:00
freebsd
freebsd
oraclelinux
oraclelinux
postgresql security update
2021-05-06 00:00:00
postgresql:10 security and bug fix update
2020-09-09 00:00:00
postgresql:9.6 security update
2020-12-23 00:00:00
kaspersky
kaspersky
KLA11539 Multiple vulnerabilities in PostgreSQL
2019-08-08 00:00:00
ibm
ibm
almalinux
almalinux
Important: postgresql:9.6 security update
2020-12-17 15:20:53
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2019-1.0-0257
2019-11-20 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2019-2.0-0190
2019-11-20 00:00:00
Critical Photon OS Security Update - PHSA-2019-0190
2019-11-20 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
9.1
Confidence
High
EPSS
0.002
Percentile
57.0%
Related for CVELIST:CVE-2019-10208