VulnerableCode Package Details - pkg:ebuild/dev-db/postgresql-server@9.1.5

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-2nve-471m-17h6	SECURITY DEFINER and SET attributes on procedural call handlers are not ignored and can be used to crash the servermore details	CVE-2012-2655
VCID-35a3-5eq3-8bep	Passwords containing the byte 0x80 passed to the crypt() function in pgcrypto are incorrectly truncated if DES encryption was usedmore details	CVE-2012-2143
VCID-7jb6-q4x1-cfbw	xml_parse() DTD validation can be used to read arbitrary filesmore details	CVE-2012-3489
VCID-811b-x31n-tfch	Permissions on a function called by a trigger are not properly checked.more details	CVE-2012-0866
VCID-bdq4-br3j-7kb8	contrib/xml2's xslt_process() can be used to read and write arbitrary filesmore details	CVE-2012-3488
VCID-quqr-bg9k-7yb5	Line breaks in object names can be exploited to execute arbitrary SQL when reloading a pg_dump file.more details	CVE-2012-0868
VCID-ux6m-dn6j-37dc	SSL certificate name checks are truncated to 32 characters, allowing connection spoofing under some circumstances when using third party certificate authorities.more details	CVE-2012-0867

Vulnerability

Summary

Aliases

VCID-2nve-471m-17h6

SECURITY DEFINER and SET attributes on procedural call handlers are not ignored and can be used to crash the servermore details

CVE-2012-2655

VCID-35a3-5eq3-8bep

Passwords containing the byte 0x80 passed to the crypt() function in pgcrypto are incorrectly truncated if DES encryption was usedmore details

CVE-2012-2143

VCID-7jb6-q4x1-cfbw

xml_parse() DTD validation can be used to read arbitrary filesmore details

CVE-2012-3489

VCID-811b-x31n-tfch

Permissions on a function called by a trigger are not properly checked.more details

CVE-2012-0866

VCID-bdq4-br3j-7kb8

contrib/xml2's xslt_process() can be used to read and write arbitrary filesmore details

CVE-2012-3488

VCID-quqr-bg9k-7yb5

Line breaks in object names can be exploited to execute arbitrary SQL when reloading a pg_dump file.more details

CVE-2012-0868

VCID-ux6m-dn6j-37dc

SSL certificate name checks are truncated to 32 characters, allowing connection spoofing under some circumstances when using third party certificate authorities.more details

CVE-2012-0867

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T12:58:48.597224+00:00	Gentoo Importer	Fixing	VCID-7jb6-q4x1-cfbw	https://security.gentoo.org/glsa/201209-24	38.0.0
2026-04-01T12:58:48.588244+00:00	Gentoo Importer	Fixing	VCID-bdq4-br3j-7kb8	https://security.gentoo.org/glsa/201209-24	38.0.0
2026-04-01T12:58:48.579268+00:00	Gentoo Importer	Fixing	VCID-2nve-471m-17h6	https://security.gentoo.org/glsa/201209-24	38.0.0
2026-04-01T12:58:48.569955+00:00	Gentoo Importer	Fixing	VCID-35a3-5eq3-8bep	https://security.gentoo.org/glsa/201209-24	38.0.0
2026-04-01T12:58:48.560457+00:00	Gentoo Importer	Fixing	VCID-quqr-bg9k-7yb5	https://security.gentoo.org/glsa/201209-24	38.0.0
2026-04-01T12:58:48.549721+00:00	Gentoo Importer	Fixing	VCID-ux6m-dn6j-37dc	https://security.gentoo.org/glsa/201209-24	38.0.0
2026-04-01T12:58:48.540860+00:00	Gentoo Importer	Fixing	VCID-811b-x31n-tfch	https://security.gentoo.org/glsa/201209-24	38.0.0