VulnerableCode Package Details - pkg:rpm/redhat/postgresql18-main@18.3-1.2?arch=hum1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:rpm/redhat/postgresql18-main@18.3-1.2?arch=hum1

Essentials
History (8)

purl	pkg:rpm/redhat/postgresql18-main@18.3-1.2?arch=hum1

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk	4.0

Vulnerabilities affecting this package (8)

Vulnerability	Summary	Fixed by
VCID-4d43-twjt-v7hs Aliases: CVE-2026-2003	PostgreSQL oidvector discloses a few bytes of memorymore details	There are no reported fixed by versions.
VCID-7asd-nhem-wbbr Aliases: CVE-2026-2005	PostgreSQL pgcrypto heap buffer overflow executes arbitrary codemore details	There are no reported fixed by versions.
VCID-b13k-m1w4-1faz Aliases: CVE-2026-2006	PostgreSQL missing validation of multibyte character length executes arbitrary codemore details	There are no reported fixed by versions.
VCID-fck5-tfaf-5kbx Aliases: CVE-2025-12817	PostgreSQL CREATE STATISTICS does not check for schema CREATE privilegemore details	There are no reported fixed by versions.
VCID-kfy3-jgjm-myge Aliases: CVE-2025-12818	PostgreSQL libpq undersizes allocations, via integer wraparoundmore details	There are no reported fixed by versions.
VCID-npaz-u5a8-17bs Aliases: CVE-2026-2007	PostgreSQL pg_trgm heap buffer overflow writes pattern onto server memorymore details	There are no reported fixed by versions.
VCID-ucu8-nb95-hfca Aliases: CVE-2026-2004	PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary codemore details	There are no reported fixed by versions.
VCID-v69z-cmag-xfaf Aliases: CVE-2010-1975	An unprivileged database user can remove superuser-only settings that were applied to his account with ALTER USER by a superuser, thus bypassing settings that should be enforced.more details	There are no reported fixed by versions.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-21T22:40:48.508534+00:00	RedHat Importer	Affected by	VCID-v69z-cmag-xfaf	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1975.json	38.4.0
2026-04-21T22:40:18.416629+00:00	RedHat Importer	Affected by	VCID-kfy3-jgjm-myge	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12818.json	38.4.0
2026-04-21T22:40:18.048889+00:00	RedHat Importer	Affected by	VCID-fck5-tfaf-5kbx	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12817.json	38.4.0
2026-04-21T22:38:53.499102+00:00	RedHat Importer	Affected by	VCID-4d43-twjt-v7hs	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2003.json	38.4.0
2026-04-21T22:38:53.203875+00:00	RedHat Importer	Affected by	VCID-ucu8-nb95-hfca	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2004.json	38.4.0
2026-04-21T22:38:52.838552+00:00	RedHat Importer	Affected by	VCID-7asd-nhem-wbbr	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2005.json	38.4.0
2026-04-21T22:38:52.473358+00:00	RedHat Importer	Affected by	VCID-b13k-m1w4-1faz	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2006.json	38.4.0
2026-04-21T22:38:52.334901+00:00	RedHat Importer	Affected by	VCID-npaz-u5a8-17bs	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2007.json	38.4.0