postgresql13 (SUSE:Linux Enterprise Module for Basesystem 15 SP3) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Basesystem 15 SP3 package postgresql13, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (8)
CVE-2022-1552 — CVSS 8.8 (high): A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another…
CVE-2021-32027 — CVSS 8.8 (high): A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain…
CVE-2021-23214 — CVSS 8.1 (high): When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle…
CVE-2022-2625 — CVSS 8.0 (high): A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the…
CVE-2021-32029 — CVSS 6.5 (medium): A flaw was found in postgresql. Using an UPDATE ... RETURNING command on a purpose-crafted table, an authenticated database user could read…
CVE-2021-3677 — CVSS 6.5 (medium): A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any…
CVE-2021-32028 — CVSS 6.5 (medium): A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an authenticated database…
CVE-2021-23222 — CVSS 5.9 (medium): A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification…