Lucene search
UbuntuUSN-6570-1HistoryJan 09, 2024 - 12:00 a.m.
PostgreSQL vulnerabilities
2024-01-0900:00:00
ubuntu.com
17
postgresql
ubuntu 16.04
esm
array values
sensitive information
arbitrary code
cve-2023-5869
pg_signal_backend
superuser processes
cve-2023-5870
security vulnerability
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.4 High
AI Score
Confidence
Low
0.015 Low
EPSS
Percentile
86.7%
Releases
- Ubuntu 16.04 ESM
Packages
- postgresql-9.5 - Object-relational SQL database
Details
Pedro Gallegos discovered that PostgreSQL incorrectly handled modifying
certain SQL array values. A remote attacker could use this issue to obtain
sensitive information, or possibly execute arbitrary code. (CVE-2023-5869)
Hemanth Sandrana and Mahendrakar Srinivasarao discovered that PostgreSQL
allowed the pg_signal_backend role to signal certain superuser processes,
contrary to expectations. (CVE-2023-5870)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 16.04 | noarch | postgresql-9.5 | < 9.5.25-0ubuntu0.16.04.1+esm6 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libecpg-compat3 | < 9.5.25-0ubuntu0.16.04.1 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libecpg-compat3-dbgsym | < 9.5.25-0ubuntu0.16.04.1 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libecpg-dev | < 9.5.25-0ubuntu0.16.04.1 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libecpg-dev-dbgsym | < 9.5.25-0ubuntu0.16.04.1 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libecpg6 | < 9.5.25-0ubuntu0.16.04.1 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libecpg6-dbgsym | < 9.5.25-0ubuntu0.16.04.1 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libpgtypes3 | < 9.5.25-0ubuntu0.16.04.1 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libpgtypes3-dbgsym | < 9.5.25-0ubuntu0.16.04.1 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libpq-dev | < 9.5.25-0ubuntu0.16.04.1 | UNKNOWN |
Related
nessus
nessus
Ubuntu 16.04 ESM : PostgreSQL vulnerabilities (USN-6570-1)
2024-01-09 00:00:00
Amazon Linux 2 : postgresql (ALASPOSTGRESQL12-2024-007)
2024-01-24 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6570-1)
2024-01-10 00:00:00
openSUSE: Security Advisory for postgresql14 (SUSE-SU-2023:4479-1)
2024-03-04 00:00:00
Debian: Security Advisory (DLA-3651-1)
2023-11-14 00:00:00
osv
osv
postgresql-9.5 vulnerabilities
2024-01-09 10:29:04
postgresql-12, postgresql-14, postgresql-15 vulnerabilities
2023-12-06 15:11:27
postgresql-10 vulnerabilities
2024-01-17 05:20:49
debian
debian
[SECURITY] [DLA 3651-1] postgresql-11 security update
2023-11-14 08:34:40
[SECURITY] [DSA 5554-1] postgresql-13 security update
2023-11-13 21:27:39
[SECURITY] [DSA 5553-1] postgresql-15 security update
2023-11-13 21:15:25
redos
redos
ROS-20240329-13
2024-03-29 00:00:00
ROS-20240329-14
2024-03-29 00:00:00
ROS-20240329-12
2024-03-29 00:00:00
ubuntu
ubuntu
PostgreSQL vulnerabilities
2024-01-17 00:00:00
PostgreSQL vulnerabilities
2023-12-06 00:00:00
mageia
mageia
Updated postgresql packages fix security vulnerabilities
2023-11-22 04:49:25
kaspersky
kaspersky
KLA61933 Multiple vulnerabilities in PostgreSQL
2023-11-09 00:00:00
cloudfoundry
cloudfoundry
USN-6538-1: PostgreSQL vulnerabilities | Cloud Foundry
2024-03-18 00:00:00
oraclelinux
oraclelinux
postgresql:13 security update
2023-11-30 00:00:00
postgresql:12 security update
2023-12-18 00:00:00
postgresql security update
2023-12-15 00:00:00
redhat
redhat
(RHSA-2023:7581) Important: postgresql:13 security update
2023-11-29 13:53:50
(RHSA-2023:7656) Important: postgresql:12 security update
2023-12-05 15:53:00
(RHSA-2023:7770) Important: rh-postgresql12-postgresql security update
2023-12-13 07:47:10
rocky
rocky
postgresql:12 security update
2024-01-09 04:07:10
postgresql:13 security update
2023-12-06 23:16:33
postgresql:15 security update
2024-01-09 04:08:12
almalinux
almalinux
Important: postgresql:12 security update
2023-12-11 00:00:00
Important: postgresql:13 security update
2023-11-29 00:00:00
Important: postgresql security update
2023-12-13 00:00:00
ibm
ibm
ubuntucve
ubuntucve
CVE-2023-5870
2023-11-15 00:00:00
CVE-2023-5869
2023-11-15 00:00:00
veracode
veracode
Denial Of Service (DOS)
2023-11-27 21:04:45
Arbitrary Code Execution
2023-11-27 21:07:19
cvelist
cvelist
nvd
nvd
CVE-2023-5870
2023-12-10 18:15:07
CVE-2023-5869
2023-12-10 18:15:07
alpinelinux
alpinelinux
CVE-2023-5869
2023-12-10 18:15:07
CVE-2023-5870
2023-12-10 18:15:07
cgr
cgr
CVE-2023-5870 vulnerabilities
2024-05-19 03:07:16
CVE-2023-5869 vulnerabilities
2024-05-19 03:07:16
cbl_mariner
cbl_mariner
CVE-2023-5870 affecting package postgresql for versions less than 16.3-1
2024-05-31 18:55:08
CVE-2023-5869 affecting package postgresql for versions less than 14.10-1
2024-01-14 22:46:30
prion
prion
Integer overflow
2023-12-10 18:15:00
Design/Logic Flaw
2023-12-10 18:15:00
cve
cve
CVE-2023-5869
2023-12-10 18:15:07
CVE-2023-5870
2023-12-10 18:15:07
freebsd
freebsd
redhatcve
redhatcve
CVE-2023-5869
2023-11-10 10:44:59
CVE-2023-5870
2023-11-10 10:44:58
debiancve
debiancve
CVE-2023-5869
2023-12-10 18:15:07
CVE-2023-5870
2023-12-10 18:15:07
wolfi
wolfi
CVE-2023-5869 vulnerabilities
2024-07-05 21:08:40
CVE-2023-5870 vulnerabilities
2024-07-05 21:08:40
centos
centos
postgresql security update
2024-01-12 19:13:08
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0513
2023-11-16 00:00:00
amazon
amazon
Important: postgresql
2024-06-06 20:17:00
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.4 High
AI Score
Confidence
Low
0.015 Low
EPSS
Percentile
86.7%
Related for USN-6570-1