Gentoo FoundationMGASA-2023-0064

HistoryFeb 27, 2023 - 11:27 p.m.

Vulners
/
Mageia
/
Updated postgresql packages fix security vulnerability

Updated postgresql packages fix security vulnerability

2023-02-2723:27:16

Gentoo Foundation

advisories.mageia.org

postgresql

security fix

memory disclosure

cve-2022-41862

client-server

kerberos

unix

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

0.001 Low

EPSS

Percentile

34.5%

JSON

Client memory disclosure when connecting, with Kerberos, to modified server. (CVE-2022-41862)

OSVersionArchitecturePackageVersionFilename
Mageia8noarchpostgresql11< 11.19-1postgresql11-11.19-1.mga8
Mageia8noarchpostgresql13< 13.10-1postgresql13-13.10-1.mga8

OS	Version	Architecture	Package	Version	Filename
Mageia	8	noarch	postgresql11	< 11.19-1	postgresql11-11.19-1.mga8
Mageia	8	noarch	postgresql13	< 13.10-1	postgresql13-13.10-1.mga8

References

bugs.mageia.org/show_bug.cgi?id=31531

www.postgresql.org/about/news/postgresql-152-147-1310-1214-and-1119-released-2592/

altlinux 7

openvas 15

nessus 45

debian 1

cloudfoundry 1

osv 10

prion 1

veracode 1

oraclelinux 5

nvd 1

cvelist 1

kaspersky 1

cgr 1

ubuntu 1

ibm 10

cve 1

wolfi 1

cbl_mariner 2

ubuntucve 1

redhat 17

debiancve 1

freebsd 1

redhatcve 1

alpinelinux 1

almalinux 5

rocky 2

photon 2

redos 2

hp 1

ics 1

altlinux

Security fix for the ALT Linux 10 package postgresql14 version 14.7-alt1

2023-02-20 00:00:00

Security fix for the ALT Linux 9 package postgresql12-1C version 12.14-alt0.M90P.1

2023-02-28 00:00:00

Security fix for the ALT Linux 10 package postgresql12 version 12.14-alt1

2023-02-20 00:00:00

openvas

SUSE: Security Advisory (SUSE-SU-2023:0391-1)

2023-02-14 00:00:00

SUSE: Security Advisory (SUSE-SU-2023:0450-1)

2023-02-21 00:00:00

SUSE: Security Advisory (SUSE-SU-2023:0479-1)

2023-03-28 00:00:00

nessus

Oracle Linux 8 : libpq (ELSA-2023-7016)

2023-11-21 00:00:00

SUSE SLES12 Security Update : postgresql14 (SUSE-SU-2023:0392-1)

2023-02-15 00:00:00

SUSE SLES12 Security Update : postgresql12 (SUSE-SU-2023:0390-1)

2023-02-15 00:00:00

debian

[SECURITY] [DLA 3316-1] postgresql-11 security update

2023-02-10 13:33:02

cloudfoundry

USN-5906-1: PostgreSQL vulnerability | Cloud Foundry

2023-03-23 00:00:00

osv

Low: libpq security update

2023-11-14 00:00:00

BIT-postgresql-2022-41862

2024-03-06 11:03:45

Low: libpq security update

2023-11-07 00:00:00

prion

Code injection

2023-03-03 16:15:00

veracode

Information Disclosure

2023-02-11 23:04:31

oraclelinux

libpq security update

2023-11-11 00:00:00

libpq security update

2023-11-17 00:00:00

postgresql security update

2023-04-11 00:00:00

nvd

CVE-2022-41862

2023-03-03 16:15:09

cvelist

CVE-2022-41862

2023-03-03 00:00:00

kaspersky

KLA20223 OSI vulnerability in PostgreSQL

2023-02-09 00:00:00

cgr

CVE-2022-41862 vulnerabilities

2024-05-19 03:07:16

ubuntu

PostgreSQL vulnerability

2023-03-02 00:00:00

ibm

Security Bulletin: IBM Connect:Direct Web Services vulnerable to sensitive information exposure due to PostgreSQL (CVE-2022-41862)

2023-07-03 04:13:34

Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in PostgreSQL

2023-05-02 22:05:35

Security Bulletin: Vulnerabilities in cURL libcurl, PostgreSQL, PyPI cryptography, Node.js can affect IBM Spectrum Protect Plus

2023-06-20 16:46:31

cve

CVE-2022-41862

2023-03-03 16:15:09

wolfi

CVE-2022-41862 vulnerabilities

2024-07-09 09:08:46

cbl_mariner

CVE-2022-41862 affecting package postgresql for versions less than 14.11-1

2024-03-05 17:52:42

CVE-2022-41862 affecting package postgresql 12.15-1

2024-07-09 09:08:41

ubuntucve

CVE-2022-41862

2023-02-10 00:00:00

redhat

(RHSA-2023:7016) Low: libpq security update

2023-11-14 08:42:45

(RHSA-2023:6429) Low: libpq security update

2023-11-07 06:05:24

(RHSA-2023:1576) Moderate: postgresql:13 security update

2023-04-04 08:51:28

debiancve

CVE-2022-41862

2023-03-03 16:15:09

freebsd

PostgreSQL server -- Client memory disclosure when connecting, with Kerberos, to modified server.

2023-02-09 00:00:00

redhatcve

CVE-2022-41862

2023-02-15 15:29:59

alpinelinux

CVE-2022-41862

2023-03-03 16:15:09

almalinux

Low: libpq security update

2023-11-14 00:00:00

Low: libpq security update

2023-11-07 00:00:00

Moderate: postgresql security update

2023-04-11 00:00:00

rocky

postgresql:13 security update

2023-04-06 15:52:43

postgresql:12 security update

2023-10-06 23:10:12

photon

Low Photon OS Security Update - PHSA-2023-3.0-0531

2023-02-10 00:00:00

Important Photon OS Security Update - PHSA-2023-4.0-0336

2023-02-18 00:00:00

redos

ROS-20240329-12

2024-03-29 00:00:00

ROS-20240329-11

2024-03-29 00:00:00

HP Device Manager Vulnerability Update (5.0.12)

2024-01-26 00:00:00

ics

Siemens SCALANCE XCM-/XRM-300

2024-02-15 12:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

0.001 Low

EPSS

Percentile

34.5%

JSON

Related for MGASA-2023-0064