Search for packages
| purl | pkg:generic/postgresql@15.0.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-3kph-5gzq-ryhu
Aliases: CVE-2023-2455 |
Row security policies disregard user ID changes after inliningmore details |
Affected by 0 other vulnerabilities. |
|
VCID-4d43-twjt-v7hs
Aliases: CVE-2026-2003 |
PostgreSQL oidvector discloses a few bytes of memorymore details |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-5py6-fe2j-d3f4
Aliases: CVE-2023-2454 |
CREATE SCHEMA ... schema_element defeats protective search_path changesmore details |
Affected by 0 other vulnerabilities. |
|
VCID-621d-wrrx-n7ae
Aliases: CVE-2024-4317 |
Restrict visibility of "pg_stats_ext" and "pg_stats_ext_exprs" entries to the table ownermore details |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-66hr-98m2-a3gc
Aliases: CVE-2024-10977 |
PostgreSQL libpq retains an error message from man-in-the-middlemore details |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-6fq5-826e-fkeq
Aliases: CVE-2025-8713 |
PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child tablemore details |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-7asd-nhem-wbbr
Aliases: CVE-2026-2005 |
PostgreSQL pgcrypto heap buffer overflow executes arbitrary codemore details |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-8da2-zhsq-j7c4
Aliases: CVE-2024-10978 |
PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user IDmore details |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-ah54-w11h-eqef
Aliases: CVE-2024-7348 |
PostgreSQL relation replacement during pg_dump executes arbitrary SQLmore details |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-b13k-m1w4-1faz
Aliases: CVE-2026-2006 |
PostgreSQL missing validation of multibyte character length executes arbitrary codemore details |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-dck8-zvk3-q7f8
Aliases: CVE-2025-4207 |
PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validationmore details |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-dqcu-ceuq-wbb7
Aliases: CVE-2023-39418 |
MERGE fails to enforce UPDATE or SELECT row security policiesmore details |
Affected by 0 other vulnerabilities. |
|
VCID-dwqe-a6p3-tyf6
Aliases: CVE-2023-5869 |
Buffer overrun from integer overflow in array modificationmore details |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-fck5-tfaf-5kbx
Aliases: CVE-2025-12817 |
PostgreSQL CREATE STATISTICS does not check for schema CREATE privilegemore details |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-h5sa-959y-6fh4
Aliases: CVE-2025-8714 |
PostgreSQL pg_dump lets superuser of origin server execute arbitrary code in psql clientmore details |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-j4cc-p1t3-tydy
Aliases: CVE-2024-0985 |
PostgreSQL non-owner REFRESH MATERIALIZED VIEW CONCURRENTLY executes arbitrary SQLmore details |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-kfy3-jgjm-myge
Aliases: CVE-2025-12818 |
PostgreSQL libpq undersizes allocations, via integer wraparoundmore details |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-mxct-582s-pfad
Aliases: CVE-2025-1094 |
PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validationmore details |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-nwfr-t7xn-zuae
Aliases: CVE-2023-5870 |
Role "pg_signal_backend" can signal certain superuser processesmore details |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-q5z4-wv12-1fh7
Aliases: CVE-2023-5868 |
Memory disclosure in aggregate function callsmore details |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-rac3-kfb9-efgf
Aliases: CVE-2024-10976 |
PostgreSQL row security below e.g. subqueries disregards user ID changesmore details |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-u751-gq61-fbge
Aliases: CVE-2022-41862 |
Client memory disclosure when connecting, with Kerberos, to modified servermore details |
Affected by 0 other vulnerabilities. |
|
VCID-ucu8-nb95-hfca
Aliases: CVE-2026-2004 |
PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary codemore details |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-wetm-n31c-e3as
Aliases: CVE-2025-8715 |
PostgreSQL pg_dump newline in object name executes arbitrary code in psql client and in restore target servermore details |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-wxxg-2f53-w3ey
Aliases: CVE-2024-10979 |
PostgreSQL PL/Perl environment variable changes execute arbitrary codemore details |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-y871-sfhf-a7by
Aliases: CVE-2023-39417 |
Extension script @substitutions@ within quoting allow SQL injectionmore details |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||