postgresql14 (SUSE:Manager Server 4.3) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Manager Server 4.3 package postgresql14, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (8)
CVE-2024-10979 — CVSS 8.8 (high): Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process…
CVE-2024-7348 — CVSS 8.8 (high): Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as…
CVE-2025-1094 — CVSS 8.1 (high): Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and…
CVE-2024-0985 — CVSS 8.0 (high): Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as…
CVE-2025-4207 — CVSS 5.9 (medium): Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on…
CVE-2024-10978 — CVSS 4.2 (medium): Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those…
CVE-2024-10976 — CVSS 4.2 (medium): Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended…
CVE-2024-10977 — CVSS 3.1 (low): Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL…