Search for packages
| purl | pkg:generic/postgresql@11.21.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-23g8-dcz6-aaan | IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser. |
CVE-2023-39417
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-25T18:29:54.907658+00:00 | PostgreSQL Importer | Fixing | VCID-23g8-dcz6-aaan | https://www.postgresql.org/support/security/CVE-2023-39417 | 36.1.3 |
| 2025-06-04T05:59:07.228783+00:00 | PostgreSQL Importer | Fixing | VCID-23g8-dcz6-aaan | https://www.postgresql.org/support/security/CVE-2023-39417 | 36.1.0 |
| 2025-06-02T20:35:53.741117+00:00 | PostgreSQL Importer | Fixing | VCID-23g8-dcz6-aaan | https://www.postgresql.org/support/security/CVE-2023-39417 | 36.1.2 |
| 2025-03-28T07:42:16.152690+00:00 | PostgreSQL Importer | Fixing | VCID-23g8-dcz6-aaan | https://www.postgresql.org/support/security/CVE-2023-39417 | 36.0.0 |
| 2024-09-18T01:54:09.720986+00:00 | PostgreSQL Importer | Fixing | VCID-23g8-dcz6-aaan | https://www.postgresql.org/support/security/CVE-2023-39417 | 34.0.1 |
| 2024-01-03T22:23:06.176807+00:00 | PostgreSQL Importer | Fixing | VCID-23g8-dcz6-aaan | https://www.postgresql.org/support/security/CVE-2023-39417 | 34.0.0rc1 |