Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/115?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/115?format=api", "purl": "pkg:generic/postgresql@17.0.0", "type": "generic", "namespace": "", "name": "postgresql", "version": "17.0.0", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "17.1.0", "latest_non_vulnerable_version": "18.2.0", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3497?format=api", "vulnerability_id": "VCID-4d43-twjt-v7hs", "summary": "PostgreSQL oidvector discloses a few bytes of memorymore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2003.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2003.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2003", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04814", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04822", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04865", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04883", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04848", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04866", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04921", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04904", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06496", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06326", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06351", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06363", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.0638", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06308", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2003" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2003", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2003" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-182-178-1612-1516-and-1421-released-3235/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-182-178-1612-1516-and-1421-released-3235/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2026-2003/", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N']" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-12T14:33:29Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2026-2003/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439322", "reference_id": "2439322", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439322" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3730", "reference_id": "RHSA-2026:3730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3887", "reference_id": "RHSA-2026:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3896", "reference_id": "RHSA-2026:3896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4059", "reference_id": "RHSA-2026:4059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4063", "reference_id": "RHSA-2026:4063", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4063" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4110", "reference_id": "RHSA-2026:4110", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4110" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4254", "reference_id": "RHSA-2026:4254", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4254" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4441", "reference_id": "RHSA-2026:4441", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4515", "reference_id": "RHSA-2026:4515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4544", "reference_id": "RHSA-2026:4544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4546", "reference_id": "RHSA-2026:4546", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4546" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4547", "reference_id": "RHSA-2026:4547", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4547" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4548", "reference_id": "RHSA-2026:4548", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4548" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8756", "reference_id": "RHSA-2026:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8756" }, { "reference_url": "https://usn.ubuntu.com/8072-1/", "reference_id": "USN-8072-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8072-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116?format=api", "purl": "pkg:generic/postgresql@17.8.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/111?format=api", "purl": "pkg:generic/postgresql@18.2.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@18.2.0" } ], "aliases": [ "CVE-2026-2003" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4d43-twjt-v7hs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3507?format=api", "vulnerability_id": "VCID-66hr-98m2-a3gc", "summary": "PostgreSQL libpq retains an error message from man-in-the-middlemore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10977.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10977.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10977", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57028", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57033", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57052", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57034", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.56982", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57077", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.571", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57127", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57129", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57141", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.5712", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57128", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57123", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57102", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10977" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-171-165-159-1414-1317-and-1221-released-2955/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-171-165-159-1414-1317-and-1221-released-2955/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2024-10977/", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N']" }, { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-14T18:53:39Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2024-10977/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326258", "reference_id": "2326258", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326258" }, { "reference_url": "https://security.gentoo.org/glsa/202412-12", "reference_id": "GLSA-202412-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-12" }, { "reference_url": "https://usn.ubuntu.com/7132-1/", "reference_id": "USN-7132-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7132-1/" }, { "reference_url": "https://usn.ubuntu.com/7358-1/", "reference_id": "USN-7358-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7358-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137?format=api", "purl": "pkg:generic/postgresql@17.1.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.1.0" } ], "aliases": [ "CVE-2024-10977" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-66hr-98m2-a3gc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3502?format=api", "vulnerability_id": "VCID-6fq5-826e-fkeq", "summary": "PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child tablemore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8713.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8713.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8713", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09307", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09454", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09428", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09413", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09305", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09358", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09408", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09319", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09393", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09441", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10356", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.1044", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10412", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10423", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14634", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14499", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8713" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-176-1610-1514-1419-1322-and-18-beta-3-released-3118/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-176-1610-1514-1419-1322-and-18-beta-3-released-3118/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2025-8713/", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N']" }, { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-14T19:50:52Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2025-8713/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388550", "reference_id": "2388550", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14827", "reference_id": "RHSA-2025:14827", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14827" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14862", "reference_id": "RHSA-2025:14862", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14869", "reference_id": "RHSA-2025:14869", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14869" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14870", "reference_id": "RHSA-2025:14870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14878", "reference_id": "RHSA-2025:14878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15013", "reference_id": "RHSA-2025:15013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15014", "reference_id": "RHSA-2025:15014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15015", "reference_id": "RHSA-2025:15015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15031", "reference_id": "RHSA-2025:15031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15057", "reference_id": "RHSA-2025:15057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15062", "reference_id": "RHSA-2025:15062", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15062" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15114", "reference_id": "RHSA-2025:15114", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15114" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15359", "reference_id": "RHSA-2025:15359", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15359" }, { "reference_url": "https://usn.ubuntu.com/7741-1/", "reference_id": "USN-7741-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7741-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/125?format=api", "purl": "pkg:generic/postgresql@17.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.6.0" } ], "aliases": [ "CVE-2025-8713" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6fq5-826e-fkeq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3495?format=api", "vulnerability_id": "VCID-7asd-nhem-wbbr", "summary": "PostgreSQL pgcrypto heap buffer overflow executes arbitrary codemore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2005.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2005.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2005", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07719", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07785", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07744", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07831", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07832", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07788", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07846", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07865", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07844", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07857", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10068", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10057", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10035", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.0998", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09915", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10079", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2005" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2005", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2005" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-182-178-1612-1516-and-1421-released-3235/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-182-178-1612-1516-and-1421-released-3235/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2026-2005/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H']" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-13T04:56:32Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2026-2005/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439326", "reference_id": "2439326", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3730", "reference_id": "RHSA-2026:3730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3887", "reference_id": "RHSA-2026:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3896", "reference_id": "RHSA-2026:3896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4024", "reference_id": "RHSA-2026:4024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4059", "reference_id": "RHSA-2026:4059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4063", "reference_id": "RHSA-2026:4063", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4063" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4064", "reference_id": "RHSA-2026:4064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4064" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4074", "reference_id": "RHSA-2026:4074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4075", "reference_id": "RHSA-2026:4075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4110", "reference_id": "RHSA-2026:4110", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4110" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4254", "reference_id": "RHSA-2026:4254", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4254" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4441", "reference_id": "RHSA-2026:4441", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4475", "reference_id": "RHSA-2026:4475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4504", "reference_id": "RHSA-2026:4504", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4504" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4505", "reference_id": "RHSA-2026:4505", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4506", "reference_id": "RHSA-2026:4506", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4506" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4509", "reference_id": "RHSA-2026:4509", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4509" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4515", "reference_id": "RHSA-2026:4515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4516", "reference_id": "RHSA-2026:4516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4518", "reference_id": "RHSA-2026:4518", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4518" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4524", "reference_id": "RHSA-2026:4524", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4524" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4528", "reference_id": "RHSA-2026:4528", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4528" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4544", "reference_id": "RHSA-2026:4544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4546", "reference_id": "RHSA-2026:4546", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4546" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4547", "reference_id": "RHSA-2026:4547", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4547" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4548", "reference_id": "RHSA-2026:4548", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4548" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8756", "reference_id": "RHSA-2026:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8756" }, { "reference_url": "https://usn.ubuntu.com/8072-1/", "reference_id": "USN-8072-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8072-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116?format=api", "purl": "pkg:generic/postgresql@17.8.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/111?format=api", "purl": "pkg:generic/postgresql@18.2.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@18.2.0" } ], "aliases": [ "CVE-2026-2005" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7asd-nhem-wbbr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3506?format=api", "vulnerability_id": "VCID-8da2-zhsq-j7c4", "summary": "PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user IDmore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10978.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10978.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10978", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69948", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69918", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69927", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.6993", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69905", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69786", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69802", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69778", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69826", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69841", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69865", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.6985", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69836", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69877", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69887", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69867", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10978" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-171-165-159-1414-1317-and-1221-released-2955/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-171-165-159-1414-1317-and-1221-released-2955/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2024-10978/", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N']" }, { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-14T18:53:38Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2024-10978/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326251", "reference_id": "2326251", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326251" }, { "reference_url": "https://security.gentoo.org/glsa/202412-12", "reference_id": "GLSA-202412-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10785", "reference_id": "RHSA-2024:10785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10787", "reference_id": "RHSA-2024:10787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10788", "reference_id": "RHSA-2024:10788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10791", "reference_id": "RHSA-2024:10791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10830", "reference_id": "RHSA-2024:10830", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10830" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10831", "reference_id": "RHSA-2024:10831", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10831" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10832", "reference_id": "RHSA-2024:10832", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10832" }, { "reference_url": "https://usn.ubuntu.com/7132-1/", "reference_id": "USN-7132-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7132-1/" }, { "reference_url": "https://usn.ubuntu.com/7358-1/", "reference_id": "USN-7358-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7358-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137?format=api", "purl": "pkg:generic/postgresql@17.1.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.1.0" } ], "aliases": [ "CVE-2024-10978" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8da2-zhsq-j7c4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3494?format=api", "vulnerability_id": "VCID-b13k-m1w4-1faz", "summary": "PostgreSQL missing validation of multibyte character length executes arbitrary codemore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2006.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2006.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2006", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09681", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09711", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09828", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09844", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.0988", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.0975", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09874", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09821", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11669", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11765", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11733", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11694", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11616", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11531", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.1243", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12386", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2006" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-182-178-1612-1516-and-1421-released-3235/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-182-178-1612-1516-and-1421-released-3235/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2026-2006/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H']" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-13T04:56:31Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2026-2006/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439324", "reference_id": "2439324", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3730", "reference_id": "RHSA-2026:3730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3887", "reference_id": "RHSA-2026:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3896", "reference_id": "RHSA-2026:3896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4024", "reference_id": "RHSA-2026:4024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4059", "reference_id": "RHSA-2026:4059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4063", "reference_id": "RHSA-2026:4063", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4063" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4064", "reference_id": "RHSA-2026:4064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4064" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4074", "reference_id": "RHSA-2026:4074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4075", "reference_id": "RHSA-2026:4075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4110", "reference_id": "RHSA-2026:4110", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4110" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4254", "reference_id": "RHSA-2026:4254", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4254" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4441", "reference_id": "RHSA-2026:4441", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4475", "reference_id": "RHSA-2026:4475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4504", "reference_id": "RHSA-2026:4504", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4504" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4505", "reference_id": "RHSA-2026:4505", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4506", "reference_id": "RHSA-2026:4506", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4506" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4509", "reference_id": "RHSA-2026:4509", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4509" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4515", "reference_id": "RHSA-2026:4515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4516", "reference_id": "RHSA-2026:4516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4518", "reference_id": "RHSA-2026:4518", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4518" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4524", "reference_id": "RHSA-2026:4524", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4524" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4528", "reference_id": "RHSA-2026:4528", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4528" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4544", "reference_id": "RHSA-2026:4544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4546", "reference_id": "RHSA-2026:4546", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4546" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4547", "reference_id": "RHSA-2026:4547", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4547" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4548", "reference_id": "RHSA-2026:4548", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4548" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8756", "reference_id": "RHSA-2026:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8756" }, { "reference_url": "https://usn.ubuntu.com/8072-1/", "reference_id": "USN-8072-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8072-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116?format=api", "purl": "pkg:generic/postgresql@17.8.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/111?format=api", "purl": "pkg:generic/postgresql@18.2.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@18.2.0" } ], "aliases": [ "CVE-2026-2006" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b13k-m1w4-1faz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3503?format=api", "vulnerability_id": "VCID-dck8-zvk3-q7f8", "summary": "PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validationmore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4207.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4207.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4207", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55554", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55641", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55569", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55586", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55561", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55507", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55592", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55616", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55594", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55646", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55649", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55658", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55637", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.5562", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55661", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4207" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-175-169-1513-1418-and-1321-released-3072/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-175-169-1513-1418-and-1321-released-3072/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2025-4207/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H']" }, { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T14:52:17Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2025-4207/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2365111", "reference_id": "2365111", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2365111" }, { "reference_url": "https://security.archlinux.org/AVG-2875", "reference_id": "AVG-2875", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14826", "reference_id": "RHSA-2025:14826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14827", "reference_id": "RHSA-2025:14827", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14827" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14862", "reference_id": "RHSA-2025:14862", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14899", "reference_id": "RHSA-2025:14899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15021", "reference_id": "RHSA-2025:15021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15022", "reference_id": "RHSA-2025:15022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15022" }, { "reference_url": "https://usn.ubuntu.com/7520-1/", "reference_id": "USN-7520-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7520-1/" }, { "reference_url": "https://usn.ubuntu.com/7520-2/", "reference_id": "USN-7520-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7520-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/129?format=api", "purl": "pkg:generic/postgresql@17.5.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.5.0" } ], "aliases": [ "CVE-2025-4207" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dck8-zvk3-q7f8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3499?format=api", "vulnerability_id": "VCID-fck5-tfaf-5kbx", "summary": "PostgreSQL CREATE STATISTICS does not check for schema CREATE privilegemore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12817.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12817.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12817", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16158", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.1612", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16236", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16102", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16169", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16954", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18916", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19009", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18997", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18953", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18832", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.2948", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29555", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29507", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29376", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.2944", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12817" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12817", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12817" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-181-177-1611-1515-1420-and-1323-released-3171/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-181-177-1611-1515-1420-and-1323-released-3171/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2025-12817/", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L']" }, { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T13:59:49Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2025-12817/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414825", "reference_id": "2414825", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22728", "reference_id": "RHSA-2025:22728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23022", "reference_id": "RHSA-2025:23022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23023", "reference_id": "RHSA-2025:23023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0262", "reference_id": "RHSA-2026:0262", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0262" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0263", "reference_id": "RHSA-2026:0263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0264", "reference_id": "RHSA-2026:0264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0265", "reference_id": "RHSA-2026:0265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0266", "reference_id": "RHSA-2026:0266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0266" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0267", "reference_id": "RHSA-2026:0267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0268", "reference_id": "RHSA-2026:0268", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0269", "reference_id": "RHSA-2026:0269", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0269" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0270", "reference_id": "RHSA-2026:0270", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0270" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0455", "reference_id": "RHSA-2026:0455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0456", "reference_id": "RHSA-2026:0456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0491", "reference_id": "RHSA-2026:0491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0492", "reference_id": "RHSA-2026:0492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0493", "reference_id": "RHSA-2026:0493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0519", "reference_id": "RHSA-2026:0519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0519" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0523", "reference_id": "RHSA-2026:0523", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0523" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0524", "reference_id": "RHSA-2026:0524", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0524" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0525", "reference_id": "RHSA-2026:0525", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0525" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8756", "reference_id": "RHSA-2026:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8756" }, { "reference_url": "https://usn.ubuntu.com/7908-1/", "reference_id": "USN-7908-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7908-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/121?format=api", "purl": "pkg:generic/postgresql@17.7.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/120?format=api", "purl": "pkg:generic/postgresql@18.1.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@18.1.0" } ], "aliases": [ "CVE-2025-12817" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fck5-tfaf-5kbx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3501?format=api", "vulnerability_id": "VCID-h5sa-959y-6fh4", "summary": "PostgreSQL pg_dump lets superuser of origin server execute arbitrary code in psql clientmore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8714.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8714.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8714", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07776", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07908", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07892", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07878", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07793", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07837", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07885", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07839", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07897", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07921", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08709", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08739", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08705", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.0875", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11986", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11852", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8714" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8714", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8714" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-176-1610-1514-1419-1322-and-18-beta-3-released-3118/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-176-1610-1514-1419-1322-and-18-beta-3-released-3118/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2025-8714/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H']" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-15T03:55:55Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2025-8714/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388553", "reference_id": "2388553", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388553" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14826", "reference_id": "RHSA-2025:14826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14827", "reference_id": "RHSA-2025:14827", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14827" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14862", "reference_id": "RHSA-2025:14862", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14869", "reference_id": "RHSA-2025:14869", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14869" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14870", "reference_id": "RHSA-2025:14870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14878", "reference_id": "RHSA-2025:14878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14899", "reference_id": "RHSA-2025:14899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15006", "reference_id": "RHSA-2025:15006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15012", "reference_id": "RHSA-2025:15012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15013", "reference_id": "RHSA-2025:15013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15014", "reference_id": "RHSA-2025:15014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15015", "reference_id": "RHSA-2025:15015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15021", "reference_id": "RHSA-2025:15021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15022", "reference_id": "RHSA-2025:15022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15031", "reference_id": "RHSA-2025:15031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15034", "reference_id": "RHSA-2025:15034", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15057", "reference_id": "RHSA-2025:15057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15062", "reference_id": "RHSA-2025:15062", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15062" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15114", "reference_id": "RHSA-2025:15114", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15114" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15115", "reference_id": "RHSA-2025:15115", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15115" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15359", "reference_id": "RHSA-2025:15359", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15359" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15361", "reference_id": "RHSA-2025:15361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16099", "reference_id": "RHSA-2025:16099", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16099" }, { "reference_url": "https://usn.ubuntu.com/7741-1/", "reference_id": "USN-7741-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7741-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/125?format=api", "purl": "pkg:generic/postgresql@17.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.6.0" } ], "aliases": [ "CVE-2025-8714" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h5sa-959y-6fh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3498?format=api", "vulnerability_id": "VCID-kfy3-jgjm-myge", "summary": "PostgreSQL libpq undersizes allocations, via integer wraparoundmore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12818.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12818.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12818", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12416", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12305", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12405", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12445", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.13009", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14891", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14947", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.1495", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14893", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14765", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26625", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26773", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26731", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26676", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26557", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12818" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12818", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12818" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-181-177-1611-1515-1420-and-1323-released-3171/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-181-177-1611-1515-1420-and-1323-released-3171/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2025-12818/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H']" }, { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T13:59:26Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2025-12818/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414826", "reference_id": "2414826", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22728", "reference_id": "RHSA-2025:22728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23022", "reference_id": "RHSA-2025:23022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23023", "reference_id": "RHSA-2025:23023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23123", "reference_id": "RHSA-2025:23123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23124", "reference_id": "RHSA-2025:23124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23157", "reference_id": "RHSA-2025:23157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23158", "reference_id": "RHSA-2025:23158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0262", "reference_id": "RHSA-2026:0262", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0262" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0263", "reference_id": "RHSA-2026:0263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0264", "reference_id": "RHSA-2026:0264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0265", "reference_id": "RHSA-2026:0265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0266", "reference_id": "RHSA-2026:0266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0266" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0267", "reference_id": "RHSA-2026:0267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0268", "reference_id": "RHSA-2026:0268", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0269", "reference_id": "RHSA-2026:0269", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0269" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0270", "reference_id": "RHSA-2026:0270", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0270" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0455", "reference_id": "RHSA-2026:0455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0456", "reference_id": "RHSA-2026:0456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0458", "reference_id": "RHSA-2026:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0491", "reference_id": "RHSA-2026:0491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0492", "reference_id": "RHSA-2026:0492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0493", "reference_id": "RHSA-2026:0493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0519", "reference_id": "RHSA-2026:0519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0519" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0523", "reference_id": "RHSA-2026:0523", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0523" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0524", "reference_id": "RHSA-2026:0524", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0524" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0525", "reference_id": "RHSA-2026:0525", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0525" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0594", "reference_id": "RHSA-2026:0594", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0594" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0695", "reference_id": "RHSA-2026:0695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0744", "reference_id": "RHSA-2026:0744", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0744" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0745", "reference_id": "RHSA-2026:0745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0746", "reference_id": "RHSA-2026:0746", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0746" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0835", "reference_id": "RHSA-2026:0835", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0835" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0865", "reference_id": "RHSA-2026:0865", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1736", "reference_id": "RHSA-2026:1736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8756", "reference_id": "RHSA-2026:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8756" }, { "reference_url": "https://usn.ubuntu.com/7908-1/", "reference_id": "USN-7908-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7908-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/121?format=api", "purl": "pkg:generic/postgresql@17.7.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/120?format=api", "purl": "pkg:generic/postgresql@18.1.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@18.1.0" } ], "aliases": [ "CVE-2025-12818" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kfy3-jgjm-myge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3504?format=api", "vulnerability_id": "VCID-mxct-582s-pfad", "summary": "PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validationmore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1094.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1094.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1094", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.82364", "scoring_system": "epss", "scoring_elements": "0.99236", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.82593", "scoring_system": "epss", "scoring_elements": "0.99243", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.83144", "scoring_system": "epss", "scoring_elements": "0.99261", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.83144", "scoring_system": "epss", "scoring_elements": "0.99256", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.83144", "scoring_system": "epss", "scoring_elements": "0.9926", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.83144", "scoring_system": "epss", "scoring_elements": "0.99262", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.83144", "scoring_system": "epss", "scoring_elements": "0.99263", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.83144", "scoring_system": "epss", "scoring_elements": "0.99264", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.83359", "scoring_system": "epss", "scoring_elements": "0.99267", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.83359", "scoring_system": "epss", "scoring_elements": "0.99277", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.83359", "scoring_system": "epss", "scoring_elements": "0.99276", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1094" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1094", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1094" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-173-167-1511-1416-and-1319-released-3015/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-173-167-1511-1416-and-1319-released-3015/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2025-1094/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H']" }, { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-13T14:18:35Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2025-1094/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345548", "reference_id": "2345548", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345548" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1720", "reference_id": "RHSA-2025:1720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1721", "reference_id": "RHSA-2025:1721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1722", "reference_id": "RHSA-2025:1722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1723", "reference_id": "RHSA-2025:1723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1724", "reference_id": "RHSA-2025:1724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1725", "reference_id": "RHSA-2025:1725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1726", "reference_id": "RHSA-2025:1726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1727", "reference_id": "RHSA-2025:1727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1728", "reference_id": "RHSA-2025:1728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1729", "reference_id": "RHSA-2025:1729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1730", "reference_id": "RHSA-2025:1730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1731", "reference_id": "RHSA-2025:1731", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1731" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1732", "reference_id": "RHSA-2025:1732", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1732" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1733", "reference_id": "RHSA-2025:1733", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1733" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1735", "reference_id": "RHSA-2025:1735", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1735" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1736", "reference_id": "RHSA-2025:1736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1737", "reference_id": "RHSA-2025:1737", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1737" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1738", "reference_id": "RHSA-2025:1738", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1738" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1739", "reference_id": "RHSA-2025:1739", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1739" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1740", "reference_id": "RHSA-2025:1740", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1740" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1741", "reference_id": "RHSA-2025:1741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1742", "reference_id": "RHSA-2025:1742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1743", "reference_id": "RHSA-2025:1743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1744", "reference_id": "RHSA-2025:1744", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1744" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1745", "reference_id": "RHSA-2025:1745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3050", "reference_id": "RHSA-2025:3050", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3050" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3062", "reference_id": "RHSA-2025:3062", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3062" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3063", "reference_id": "RHSA-2025:3063", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3063" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3064", "reference_id": "RHSA-2025:3064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3064" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3082", "reference_id": "RHSA-2025:3082", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3082" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3978", "reference_id": "RHSA-2025:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3978" }, { "reference_url": "https://usn.ubuntu.com/7315-1/", "reference_id": "USN-7315-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7315-1/" }, { "reference_url": "https://usn.ubuntu.com/7315-2/", "reference_id": "USN-7315-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7315-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/133?format=api", "purl": "pkg:generic/postgresql@17.3.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.3.0" } ], "aliases": [ "CVE-2025-1094" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mxct-582s-pfad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3508?format=api", "vulnerability_id": "VCID-rac3-kfb9-efgf", "summary": "PostgreSQL row security below e.g. subqueries disregards user ID changesmore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10976.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10976.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10976", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01099", "scoring_system": "epss", "scoring_elements": "0.78148", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01099", "scoring_system": "epss", "scoring_elements": "0.78008", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01099", "scoring_system": "epss", "scoring_elements": "0.7799", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01099", "scoring_system": "epss", "scoring_elements": "0.78017", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01099", "scoring_system": "epss", "scoring_elements": "0.78021", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01099", "scoring_system": "epss", "scoring_elements": "0.78048", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01099", "scoring_system": "epss", "scoring_elements": "0.7803", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01099", "scoring_system": "epss", "scoring_elements": "0.78028", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01099", "scoring_system": "epss", "scoring_elements": "0.78063", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01099", "scoring_system": "epss", "scoring_elements": "0.78062", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01099", "scoring_system": "epss", "scoring_elements": "0.77979", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01129", "scoring_system": "epss", "scoring_elements": "0.78366", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01129", "scoring_system": "epss", "scoring_elements": "0.78372", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01129", "scoring_system": "epss", "scoring_elements": "0.78389", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01129", "scoring_system": "epss", "scoring_elements": "0.78402", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01129", "scoring_system": "epss", "scoring_elements": "0.78333", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10976" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-171-165-159-1414-1317-and-1221-released-2955/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-171-165-159-1414-1317-and-1221-released-2955/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2024-10976/", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N']" }, { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-14T18:53:41Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2024-10976/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326263", "reference_id": "2326263", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326263" }, { "reference_url": "https://security.gentoo.org/glsa/202412-12", "reference_id": "GLSA-202412-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10785", "reference_id": "RHSA-2024:10785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10787", "reference_id": "RHSA-2024:10787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10788", "reference_id": "RHSA-2024:10788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10791", "reference_id": "RHSA-2024:10791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10830", "reference_id": "RHSA-2024:10830", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10830" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10831", "reference_id": "RHSA-2024:10831", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10831" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10832", "reference_id": "RHSA-2024:10832", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10832" }, { "reference_url": "https://usn.ubuntu.com/7132-1/", "reference_id": "USN-7132-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7132-1/" }, { "reference_url": "https://usn.ubuntu.com/7358-1/", "reference_id": "USN-7358-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7358-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137?format=api", "purl": "pkg:generic/postgresql@17.1.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.1.0" } ], "aliases": [ "CVE-2024-10976" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rac3-kfb9-efgf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3496?format=api", "vulnerability_id": "VCID-ucu8-nb95-hfca", "summary": "PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary codemore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2004.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2004.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2004", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14715", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14921", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14707", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.1481", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14998", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14802", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14891", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14942", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14869", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14907", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18379", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18483", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.1847", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18428", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18294", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.1859", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2004" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2004", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2004" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-182-178-1612-1516-and-1421-released-3235/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-182-178-1612-1516-and-1421-released-3235/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2026-2004/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H']" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-13T04:56:33Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2026-2004/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439325", "reference_id": "2439325", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3730", "reference_id": "RHSA-2026:3730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3887", "reference_id": "RHSA-2026:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3896", "reference_id": "RHSA-2026:3896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4024", "reference_id": "RHSA-2026:4024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4059", "reference_id": "RHSA-2026:4059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4063", "reference_id": "RHSA-2026:4063", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4063" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4064", "reference_id": "RHSA-2026:4064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4064" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4074", "reference_id": "RHSA-2026:4074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4075", "reference_id": "RHSA-2026:4075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4110", "reference_id": "RHSA-2026:4110", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4110" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4254", "reference_id": "RHSA-2026:4254", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4254" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4441", "reference_id": "RHSA-2026:4441", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4475", "reference_id": "RHSA-2026:4475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4504", "reference_id": "RHSA-2026:4504", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4504" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4505", "reference_id": "RHSA-2026:4505", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4506", "reference_id": "RHSA-2026:4506", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4506" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4509", "reference_id": "RHSA-2026:4509", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4509" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4515", "reference_id": "RHSA-2026:4515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4516", "reference_id": "RHSA-2026:4516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4518", "reference_id": "RHSA-2026:4518", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4518" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4524", "reference_id": "RHSA-2026:4524", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4524" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4528", "reference_id": "RHSA-2026:4528", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4528" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4544", "reference_id": "RHSA-2026:4544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4546", "reference_id": "RHSA-2026:4546", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4546" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4547", "reference_id": "RHSA-2026:4547", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4547" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4548", "reference_id": "RHSA-2026:4548", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4548" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8756", "reference_id": "RHSA-2026:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8756" }, { "reference_url": "https://usn.ubuntu.com/8072-1/", "reference_id": "USN-8072-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8072-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116?format=api", "purl": "pkg:generic/postgresql@17.8.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/111?format=api", "purl": "pkg:generic/postgresql@18.2.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@18.2.0" } ], "aliases": [ "CVE-2026-2004" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ucu8-nb95-hfca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3500?format=api", "vulnerability_id": "VCID-wetm-n31c-e3as", "summary": "PostgreSQL pg_dump newline in object name executes arbitrary code in psql client and in restore target servermore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8715.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8715.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8715", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.1498", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15174", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15136", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15072", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.14971", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15194", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15262", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15065", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15154", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15205", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16627", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16767", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16662", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16674", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21244", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21177", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8715" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8715", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8715" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-176-1610-1514-1419-1322-and-18-beta-3-released-3118/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-176-1610-1514-1419-1322-and-18-beta-3-released-3118/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2025-8715/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H']" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-15T03:55:57Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2025-8715/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388551", "reference_id": "2388551", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388551" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14826", "reference_id": "RHSA-2025:14826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14827", "reference_id": "RHSA-2025:14827", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14827" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14862", "reference_id": "RHSA-2025:14862", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14869", "reference_id": "RHSA-2025:14869", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14869" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14870", "reference_id": "RHSA-2025:14870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14878", "reference_id": "RHSA-2025:14878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14899", "reference_id": "RHSA-2025:14899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15006", "reference_id": "RHSA-2025:15006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15012", "reference_id": "RHSA-2025:15012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15013", "reference_id": "RHSA-2025:15013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15014", "reference_id": "RHSA-2025:15014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15015", "reference_id": "RHSA-2025:15015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15021", "reference_id": "RHSA-2025:15021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15022", "reference_id": "RHSA-2025:15022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15031", "reference_id": "RHSA-2025:15031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15034", "reference_id": "RHSA-2025:15034", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15057", "reference_id": "RHSA-2025:15057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15062", "reference_id": "RHSA-2025:15062", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15062" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15114", "reference_id": "RHSA-2025:15114", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15114" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15115", "reference_id": "RHSA-2025:15115", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15115" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15359", "reference_id": "RHSA-2025:15359", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15359" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15361", "reference_id": "RHSA-2025:15361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15361" }, { "reference_url": "https://usn.ubuntu.com/7741-1/", "reference_id": "USN-7741-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7741-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/125?format=api", "purl": "pkg:generic/postgresql@17.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.6.0" } ], "aliases": [ "CVE-2025-8715" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wetm-n31c-e3as" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3505?format=api", "vulnerability_id": "VCID-wxxg-2f53-w3ey", "summary": "PostgreSQL PL/Perl environment variable changes execute arbitrary codemore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10979.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10979.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10979", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.91429", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.91402", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.914", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.91399", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.91413", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.91321", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.91332", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.91339", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.91351", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.91358", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.91365", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.91367", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.91392", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.9139", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10979" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-171-165-159-1414-1317-and-1221-released-2955/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-171-165-159-1414-1317-and-1221-released-2955/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2024-10979/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H']" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-14T14:32:36Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2024-10979/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326253", "reference_id": "2326253", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326253" }, { "reference_url": "https://security.gentoo.org/glsa/202412-12", "reference_id": "GLSA-202412-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10593", "reference_id": "RHSA-2024:10593", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10593" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10595", "reference_id": "RHSA-2024:10595", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10595" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10677", "reference_id": "RHSA-2024:10677", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10677" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10705", "reference_id": "RHSA-2024:10705", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10705" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10736", "reference_id": "RHSA-2024:10736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10739", "reference_id": "RHSA-2024:10739", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10739" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10750", "reference_id": "RHSA-2024:10750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10750" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10785", "reference_id": "RHSA-2024:10785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10787", "reference_id": "RHSA-2024:10787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10788", "reference_id": "RHSA-2024:10788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10789", "reference_id": "RHSA-2024:10789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10791", "reference_id": "RHSA-2024:10791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10800", "reference_id": "RHSA-2024:10800", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10800" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10807", "reference_id": "RHSA-2024:10807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10827", "reference_id": "RHSA-2024:10827", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10827" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10830", "reference_id": "RHSA-2024:10830", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10830" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10831", "reference_id": "RHSA-2024:10831", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10831" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10832", "reference_id": "RHSA-2024:10832", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10832" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10846", "reference_id": "RHSA-2024:10846", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10846" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10851", "reference_id": "RHSA-2024:10851", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10851" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10879", "reference_id": "RHSA-2024:10879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10882", "reference_id": "RHSA-2024:10882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10882" }, { "reference_url": "https://usn.ubuntu.com/7132-1/", "reference_id": "USN-7132-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7132-1/" }, { "reference_url": "https://usn.ubuntu.com/7358-1/", "reference_id": "USN-7358-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7358-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137?format=api", "purl": "pkg:generic/postgresql@17.1.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.1.0" } ], "aliases": [ "CVE-2024-10979" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wxxg-2f53-w3ey" } ], "fixing_vulnerabilities": [], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.0.0" }