postgresql13 (SUSE:Linux Enterprise Module for Package Hub 15 SP2) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Package Hub 15 SP2 package postgresql13, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (11)
CVE-2021-32027 — CVSS 8.8 (high): A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain…
CVE-2020-25695 — CVSS 8.8 (high): A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker…
CVE-2020-25694 — CVSS 8.1 (high): A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client…
CVE-2021-23214 — CVSS 8.1 (high): When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle…
CVE-2020-25696 — CVSS 7.5 (high): A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before…
CVE-2021-3677 — CVSS 6.5 (medium): A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any…
CVE-2021-32028 — CVSS 6.5 (medium): A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an authenticated database…
CVE-2021-32029 — CVSS 6.5 (medium): A flaw was found in postgresql. Using an UPDATE ... RETURNING command on a purpose-crafted table, an authenticated database user could read…
CVE-2021-23222 — CVSS 5.9 (medium): A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification…
CVE-2021-20229 — CVSS 4.3 (medium): A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privilege on one column to craft a special…
CVE-2021-3393 — CVSS 4.3 (medium): An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. A user having UPDATE permission but…