Search CVE reports
1 – 4 of 4 results
CVE-2019-3466
Medium priorityThe pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation.
1 affected package
postgresql-common
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
postgresql-common | — | — | — | Fixed | Fixed |
CVE-2017-8806
Medium priorityThe Debian pg_ctlcluster, pg_createcluster, and pg_upgradecluster scripts, as distributed in the Debian postgresql-common package before 181+deb9u1 for PostgreSQL (and other packages related to Debian and Ubuntu), handled symbolic...
1 affected package
postgresql-common
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
postgresql-common | — | — | — | — | Fixed |
CVE-2016-1255
Medium prioritySome fixes available 2 of 4
The pg_ctlcluster script in postgresql-common package in Debian wheezy before 134wheezy5, in Debian jessie before 165+deb8u2, in Debian unstable before 178, in Ubuntu 12.04 LTS before 129ubuntu1.2, in Ubuntu 14.04 LTS before...
1 affected package
postgresql-common
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
postgresql-common | — | — | — | — | Fixed |
CVE-2005-1409
Unknown priorityPostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain character conversion functions, which allows unprivileged users to call those functions with malicious values, with unknown impact, aka the "Character...
6 affected packages
postgresql, postgresql-7.4, postgresql-8.0, postgresql-8.1, postgresql-8.2, postgresql-common
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
postgresql | — | — | — | — | — |
postgresql-7.4 | — | — | — | — | — |
postgresql-8.0 | — | — | — | — | — |
postgresql-8.1 | — | — | — | — | — |
postgresql-8.2 | — | — | — | — | — |
postgresql-common | — | — | — | — | — |