VulnerableCode Package Details - pkg:generic/postgresql@8.3.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:generic/postgresql@8.3.0

Essentials
History (18)

purl	pkg:generic/postgresql@8.3.0

Next non-vulnerable version	8.3.7
Latest non-vulnerable version	18.2.0
Risk	7.2

Vulnerabilities affecting this package (18)

Vulnerability	Summary	Fixed by
VCID-1qsp-wvwq-j3f5 Aliases: CVE-2009-0922	It is possible to cause a momentary denial of service when there is a failure to convert a localized error message to the client-specified encoding. A valid login is required to exploit this vulnerability.more details	8.3.7 Affected by 0 other vulnerabilities.
VCID-1uzm-h9m3-akge Aliases: CVE-2010-1170	Insecure permissions on the pltcl_modules table could allow an authenticated user to run arbitrary Tcl code on the database server if PL/Tcl is installed and enabled.more details	8.3.11 Affected by 0 other vulnerabilities. 8.4.4 Affected by 0 other vulnerabilities.
VCID-2nve-471m-17h6 Aliases: CVE-2012-2655	SECURITY DEFINER and SET attributes on procedural call handlers are not ignored and can be used to crash the servermore details	8.3.19 Affected by 0 other vulnerabilities. 8.4.12 Affected by 0 other vulnerabilities. 9.0.8 Affected by 0 other vulnerabilities. 9.1.4 Affected by 0 other vulnerabilities.
VCID-35a3-5eq3-8bep Aliases: CVE-2012-2143	Passwords containing the byte 0x80 passed to the crypt() function in pgcrypto are incorrectly truncated if DES encryption was usedmore details	8.3.19 Affected by 0 other vulnerabilities. 8.4.12 Affected by 0 other vulnerabilities. 9.0.8 Affected by 0 other vulnerabilities. 9.1.4 Affected by 0 other vulnerabilities.
VCID-666x-ret3-xufr Aliases: CVE-2010-4015	An authenticated database user can cause a buffer overrun by calling functions from the intarray optional module with certain parameters.more details	8.3.14 Affected by 0 other vulnerabilities. 8.4.7 Affected by 0 other vulnerabilities. 9.0.3 Affected by 0 other vulnerabilities.
VCID-6dmy-t1qp-nuf3 Aliases: CVE-2009-3231	If PostgreSQL is configured with LDAP authentication, and your LDAP configuration allows anonymous binds, it is possible for a user to authenticate themselves with an empty password.more details	8.3.8 Affected by 0 other vulnerabilities.
VCID-6mck-xykx-yuba Aliases: CVE-2013-0255	executing enum_recv() with wrong parameters crashes servermore details	8.3.23 Affected by 0 other vulnerabilities. 8.4.16 Affected by 0 other vulnerabilities. 9.0.12 Affected by 0 other vulnerabilities. 9.1.8 Affected by 0 other vulnerabilities. 9.2.3 Affected by 0 other vulnerabilities.
VCID-721k-9zdg-buhv Aliases: CVE-2009-3230	The fix for issue CVE-2007-6600 (below) failed to include protection against misuse of RESET SESSION AUTHORIZATION.more details	8.3.8 Affected by 0 other vulnerabilities. 8.4.1 Affected by 0 other vulnerabilities.
VCID-7jb6-q4x1-cfbw Aliases: CVE-2012-3489	xml_parse() DTD validation can be used to read arbitrary filesmore details	8.3.20 Affected by 0 other vulnerabilities. 8.4.13 Affected by 0 other vulnerabilities. 9.0.9 Affected by 0 other vulnerabilities. 9.1.5 Affected by 0 other vulnerabilities.
VCID-7q99-jk4u-1fen Aliases: CVE-2010-3433	An authenticated database user can manipulate modules and tied variables in some external procedural languages to execute code with enhanced privileges.Detailsmore details	8.3.12 Affected by 0 other vulnerabilities. 8.4.5 Affected by 0 other vulnerabilities. 9.0.1 Affected by 0 other vulnerabilities.
VCID-811b-x31n-tfch Aliases: CVE-2012-0866	Permissions on a function called by a trigger are not properly checked.more details	8.3.18 Affected by 0 other vulnerabilities. 8.4.11 Affected by 0 other vulnerabilities. 9.0.7 Affected by 0 other vulnerabilities. 9.1.3 Affected by 0 other vulnerabilities.
VCID-bdq4-br3j-7kb8 Aliases: CVE-2012-3488	contrib/xml2's xslt_process() can be used to read and write arbitrary filesmore details	8.3.20 Affected by 0 other vulnerabilities. 8.4.13 Affected by 0 other vulnerabilities. 9.0.9 Affected by 0 other vulnerabilities. 9.1.5 Affected by 0 other vulnerabilities.
VCID-c8ch-zd9x-kufn Aliases: CVE-2009-4034	NULL Bytes in SSL Certificates can be used to falsify client or server authentication. This only affects users who have SSL enabled, perform certificate name validation or client certificate authentication, and where the Certificate Authority (CA) has been tricked into issuing invalid certificates. The use of a CA that can be trusted to always issue valid certificates is recommended to ensure you are not vulnerable to this issue.more details	8.3.9 Affected by 0 other vulnerabilities. 8.4.2 Affected by 0 other vulnerabilities.
VCID-cffd-gdpc-uqeb Aliases: CVE-2010-1169	A vulnerability in Safe.pm and PL/Perl can allow an authenticated user to run arbitrary Perl code on the database server if PL/Perl is installed and enabled.more details	8.3.11 Affected by 0 other vulnerabilities. 8.4.4 Affected by 0 other vulnerabilities.
VCID-quqr-bg9k-7yb5 Aliases: CVE-2012-0868	Line breaks in object names can be exploited to execute arbitrary SQL when reloading a pg_dump file.more details	8.3.18 Affected by 0 other vulnerabilities. 8.4.11 Affected by 0 other vulnerabilities. 9.0.7 Affected by 0 other vulnerabilities. 9.1.3 Affected by 0 other vulnerabilities.
VCID-s8a2-wbb4-dyda Aliases: CVE-2009-3229	Authenticated non-superusers can shut down the backend server by re-LOAD-ing libraries in $libdir/plugins, if any libraries are present there.more details	8.3.8 Affected by 0 other vulnerabilities. 8.4.1 Affected by 0 other vulnerabilities.
VCID-u5h4-4p6j-wbay Aliases: CVE-2009-4136	Privilege escalation via changing session state in an index function. This closes a corner case related to vulnerabilities CVE-2009-3230 and CVE-2007-6600 (below).more details	8.3.9 Affected by 0 other vulnerabilities. 8.4.2 Affected by 0 other vulnerabilities.
VCID-v69z-cmag-xfaf Aliases: CVE-2010-1975	An unprivileged database user can remove superuser-only settings that were applied to his account with ALTER USER by a superuser, thus bypassing settings that should be enforced.more details	8.3.11 Affected by 0 other vulnerabilities. 8.4.4 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T12:36:08.795406+00:00	PostgreSQL Importer	Affected by	VCID-6dmy-t1qp-nuf3	https://www.postgresql.org/support/security/CVE-2009-3231	38.0.0
2026-04-01T12:36:04.812018+00:00	PostgreSQL Importer	Affected by	VCID-s8a2-wbb4-dyda	https://www.postgresql.org/support/security/CVE-2009-3229	38.0.0
2026-04-01T12:36:04.230212+00:00	PostgreSQL Importer	Affected by	VCID-666x-ret3-xufr	https://www.postgresql.org/support/security/CVE-2010-4015	38.0.0
2026-04-01T12:36:04.183400+00:00	PostgreSQL Importer	Affected by	VCID-811b-x31n-tfch	https://www.postgresql.org/support/security/CVE-2012-0866	38.0.0
2026-04-01T12:36:04.105883+00:00	PostgreSQL Importer	Affected by	VCID-quqr-bg9k-7yb5	https://www.postgresql.org/support/security/CVE-2012-0868	38.0.0
2026-04-01T12:36:04.063008+00:00	PostgreSQL Importer	Affected by	VCID-35a3-5eq3-8bep	https://www.postgresql.org/support/security/CVE-2012-2143	38.0.0
2026-04-01T12:36:04.014319+00:00	PostgreSQL Importer	Affected by	VCID-2nve-471m-17h6	https://www.postgresql.org/support/security/CVE-2012-2655	38.0.0
2026-04-01T12:36:03.968851+00:00	PostgreSQL Importer	Affected by	VCID-bdq4-br3j-7kb8	https://www.postgresql.org/support/security/CVE-2012-3488	38.0.0
2026-04-01T12:36:03.922396+00:00	PostgreSQL Importer	Affected by	VCID-7jb6-q4x1-cfbw	https://www.postgresql.org/support/security/CVE-2012-3489	38.0.0
2026-04-01T12:36:03.856562+00:00	PostgreSQL Importer	Affected by	VCID-6mck-xykx-yuba	https://www.postgresql.org/support/security/CVE-2013-0255	38.0.0
2026-04-01T12:35:59.410950+00:00	PostgreSQL Importer	Affected by	VCID-1qsp-wvwq-j3f5	https://www.postgresql.org/support/security/CVE-2009-0922	38.0.0
2026-04-01T12:35:59.338507+00:00	PostgreSQL Importer	Affected by	VCID-721k-9zdg-buhv	https://www.postgresql.org/support/security/CVE-2009-3230	38.0.0
2026-04-01T12:35:59.267153+00:00	PostgreSQL Importer	Affected by	VCID-c8ch-zd9x-kufn	https://www.postgresql.org/support/security/CVE-2009-4034	38.0.0
2026-04-01T12:35:59.189075+00:00	PostgreSQL Importer	Affected by	VCID-u5h4-4p6j-wbay	https://www.postgresql.org/support/security/CVE-2009-4136	38.0.0
2026-04-01T12:35:59.114439+00:00	PostgreSQL Importer	Affected by	VCID-cffd-gdpc-uqeb	https://www.postgresql.org/support/security/CVE-2010-1169	38.0.0
2026-04-01T12:35:59.036176+00:00	PostgreSQL Importer	Affected by	VCID-1uzm-h9m3-akge	https://www.postgresql.org/support/security/CVE-2010-1170	38.0.0
2026-04-01T12:35:58.962571+00:00	PostgreSQL Importer	Affected by	VCID-v69z-cmag-xfaf	https://www.postgresql.org/support/security/CVE-2010-1975	38.0.0
2026-04-01T12:35:58.859276+00:00	PostgreSQL Importer	Affected by	VCID-7q99-jk4u-1fen	https://www.postgresql.org/support/security/CVE-2010-3433	38.0.0