pkg:Alpine/postgresql
41 total CVEsCRITICAL3HIGH22MEDIUM14LOW2
✅ Check your installed version
All known vulnerabilities
- CRITICAL9.8CVE-2018-16850postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ...from 0, < 11.1-r0
- from 0, < 9.6.4-r0
- CRITICAL9.1CVE-2018-1115postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack extension, the pg_catalog.pg_logfile_rotate() function doesn't follow…from 0, < 10.4-r0
- HIGH8.8CVE-2023-39417Postgresql: extension script @substitutions@ within quoting allow sql injectionfrom 0, < 13.12-r0
- from 0, < 13.7-r0
- from 0, < 11.12-r0
- HIGH8.8CVE-2020-25695A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24.from 0, < 11.10-r0
- from 0, < 11.5-r0
- HIGH8.8CVE-2019-10164PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow.from 0, < 11.4-r0
- HIGH8.8CVE-2018-1058A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users.from 0, < 10.3-r0
- HIGH8.8CVE-2017-7547PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attac…from 0, < 9.6.4-r0
- from 0, < 12.9-r0
- from 0, < 11.10-r0
- HIGH8.1CVE-2018-10925It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed to properly check authorization on certai…from 0, < 10.5-r0
- from 0, < 10.1-r0
- from 0, < 13.8-r0
- HIGH7.5CVE-2020-25696A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.…from 0, < 11.10-r0
- from 0, < 10.5-r0
- HIGH7.5CVE-2017-7548PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers with no pri…from 0, < 9.6.4-r0
- from 0, < 9.6.3-r0
- from 0, < 9.6.3-r0
- from 0, < 11.9-r0
- from 0, < 13.11-r0
- HIGH7.1CVE-2020-14349It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical re…from 0, < 11.9-r0
- from 0, < 10.2-r0
- from 0, < 12.8-r0
- from 0, < 11.12-r0
- from 0, < 11.12-r0
- from 0, < 11.7-r0
- from 0, < 11.3-r0
- MEDIUM6.5CVE-2018-1052Memory disclosure vulnerability in table partitioning was found in postgresql 10.x before 10.2, allowing an authenticated attacker to read…from 0, < 10.2-r0
- MEDIUM6.5CVE-2017-15099INSERT ... ON CONFLICT DO UPDATE commands in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, and 9.5.x before 9.5.10 disclose table conten…from 0, < 10.1-r0
- MEDIUM5.9CVE-2021-23222A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification…from 0, < 12.9-r0
- MEDIUM5.9CVE-2017-7485In PostgreSQL 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3, it was found that the PGREQUIRESSL envi…from 0, < 9.6.3-r0
- MEDIUM5.4CVE-2023-2455Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases w…from 0, < 13.11-r0
- from 0, < 13.12-r0
- MEDIUM4.3CVE-2021-3393An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11.from 0, < 11.11-r0
- from 0, < 12.6-r0
- from 0, < 11.3-r0
- LOW3.7CVE-2022-41862In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption.from 0, < 13.11-r0
- LOW2.2CVE-2019-10209Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan.from 0, < 11.5-r0