Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:HPE Helion OpenStack 8 package postgresql10, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (12)
CVE-2019-10164 — CVSS 8.8 (high): PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user…
CVE-2020-25695 — CVSS 8.8 (high): A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker…
CVE-2021-32027 — CVSS 8.8 (high): A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain…
CVE-2022-1552 — CVSS 8.8 (high): A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another…
CVE-2021-23214 — CVSS 8.1 (high): When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle…
CVE-2020-25694 — CVSS 8.1 (high): A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client…
CVE-2020-25696 — CVSS 7.5 (high): A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before…
CVE-2020-14350 — CVSS 7.3 (high): It was found that some PostgreSQL extensions did not use search_path safely in their installation script. An attacker with sufficient…
CVE-2020-14349 — CVSS 7.1 (high): It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical…
CVE-2021-32028 — CVSS 6.5 (medium): A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an authenticated database…
CVE-2021-23222 — CVSS 5.9 (medium): A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification…
CVE-2020-1720 — CVSS 3.1 (low): A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub-commands did not perform authorization checks. An…