postgresql16 (SUSE:Linux Enterprise Module for Server Applications 15 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Server Applications 15 SP5 package postgresql16, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (10)
CVE-2024-10979 — CVSS 8.8 (high): Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process…
CVE-2023-5869 — CVSS 8.8 (high): A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during…
CVE-2024-7348 — CVSS 8.8 (high): Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as…
CVE-2024-0985 — CVSS 8.0 (high): Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as…
CVE-2023-5868 — CVSS 4.3 (medium): A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain…
CVE-2024-10978 — CVSS 4.2 (medium): Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those…
CVE-2024-10976 — CVSS 4.2 (medium): Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended…
CVE-2024-10977 — CVSS 3.1 (low): Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL…
CVE-2024-4317 — CVSS 3.1 (low): Missing authorization in PostgreSQL built-in views pg_stats_ext and pg_stats_ext_exprs allows an unprivileged database user to read most…
CVE-2023-5870 — CVSS 2.2 (low): A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication…