7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.005 Low
EPSS
Percentile
76.5%
PostgreSQL Project reports:
This update fixes multiple security issues reported in PostgreSQL
over the past few months. All of these issues require prior
authentication, and some require additional conditions, and as such
are not considered generally urgent. However, users should examine
the list of security holes patched below in case they are particularly
vulnerable.
CVE-2015-0241 Buffer overruns in “to_char” functions.
CVE-2015-0242 Buffer overrun in replacement printf family of
functions.
CVE-2015-0243 Memory errors in functions in the pgcrypto extension.
CVE-2015-0244 An error in extended protocol message reading.
CVE-2014-8161 Constraint violation errors can cause display of values in columns
which the user would not normally have rights to see.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | postgresql90-server | = 9.0.0 | UNKNOWN |
FreeBSD | any | noarch | postgresql90-server | < 9.0.19 | UNKNOWN |
FreeBSD | any | noarch | postgresql91-server | = 9.1.0 | UNKNOWN |
FreeBSD | any | noarch | postgresql91-server | < 9.1.15 | UNKNOWN |
FreeBSD | any | noarch | postgresql92-server | = 9.2.0 | UNKNOWN |
FreeBSD | any | noarch | postgresql92-server | < 9.2.10 | UNKNOWN |
FreeBSD | any | noarch | postgresql93-server | = 9.3.0 | UNKNOWN |
FreeBSD | any | noarch | postgresql93-server | < 9.3.6 | UNKNOWN |
FreeBSD | any | noarch | postgresql94-server | = 9.4.0 | UNKNOWN |
FreeBSD | any | noarch | postgresql94-server | < 9.4.1 | UNKNOWN |
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.005 Low
EPSS
Percentile
76.5%