Lucene search

K

Veracode Vulnerability DatabaseVERACODE:23208

HistoryApr 10, 2020 - 12:19 a.m.

Denial Of Service (DoS)

2020-04-1000:19:39

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

11

EPSS

0.013

Percentile

86.0%

postgresql is vulnerable to denial of service (DoS). The vulnerability exists in PostgreSQL’s regular expression engine. An authenticated attacker could use these flaws to cause a denial of service by causing the PostgreSQL server to crash, enter an infinite loop, or use extensive CPU and memory resources while processing queries containing specially crafted regular expressions. Applications that accept regular expressions from untrusted sources may expose this problem to unauthorized attackers.

References

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154

lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html

secunia.com/advisories/28359

secunia.com/advisories/28376

secunia.com/advisories/28437

secunia.com/advisories/28438

secunia.com/advisories/28454

secunia.com/advisories/28455

secunia.com/advisories/28464

secunia.com/advisories/28477

secunia.com/advisories/28479

secunia.com/advisories/28679

secunia.com/advisories/28698

secunia.com/advisories/29638

security.gentoo.org/glsa/glsa-200801-15.xml

securitytracker.com/id?1019157

sourceforge.net/project/shownotes.php?release_id=565440&group_id=10894

sourceforge.net/tracker/index.php?func=detail&aid=1810264&group_id=10894&atid=110894

sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1

sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1

www.debian.org/security/2008/dsa-1460

www.debian.org/security/2008/dsa-1463

www.mandriva.com/security/advisories?name=MDVSA-2008:004

www.postgresql.org/about/news.905

www.redhat.com/security/updates/classification/#moderate

www.redhat.com/support/errata/RHSA-2008-0038.html

www.redhat.com/support/errata/RHSA-2008-0040.html

www.securityfocus.com/archive/1/485864/100/0/threaded

www.securityfocus.com/archive/1/486407/100/0/threaded

www.securityfocus.com/bid/27163

www.vupen.com/english/advisories/2008/0061

www.vupen.com/english/advisories/2008/0109

www.vupen.com/english/advisories/2008/1071/references

access.redhat.com/errata/RHSA-2008:0038

exchange.xforce.ibmcloud.com/vulnerabilities/39499

issues.rpath.com/browse/RPL-1768

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9804

usn.ubuntu.com/568-1/

www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html

www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html

EPSS

0.013

Percentile

86.0%

Related for VERACODE:23208

ubuntucve1 nvd1 postgresql1 cvelist1 cve1 prion1 fedora2 openvas30 suse1 nessus16 freebsd1 securityvulns2 oraclelinux1 centos1 osv2 ubuntu1 redhat2 debian2 gentoo1