postgresql is vulnerable to Information Disclosure. The vulnerability exists because a modified, unauthenticated server can send an unterminated string during the establishment of kerberos transport encryption where a libpq’s caller makes that message accessible to the attacker.
bugzilla.redhat.com/show_bug.cgi?id=2165722
bugzilla.suse.com/show_bug.cgi?id=1208102
github.com/postgres/postgres/commit/626f2c1d6b85a6a0780460c7acc306bc2c326266
secdb.alpinelinux.org/edge/community.yaml
secdb.alpinelinux.org/edge/main.yaml
secdb.alpinelinux.org/v3.14/main.yaml
secdb.alpinelinux.org/v3.15/main.yaml
secdb.alpinelinux.org/v3.16/main.yaml
secdb.alpinelinux.org/v3.17/community.yaml
secdb.alpinelinux.org/v3.17/main.yaml
security.netapp.com/advisory/ntap-20230427-0002/
www.postgresql.org/support/security/CVE-2022-41862/