Search for packages
Package details: pkg:generic/postgresql@14.9.0
purl pkg:generic/postgresql@14.9.0
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-23g8-dcz6-aaan IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser. CVE-2023-39417

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-25T18:29:46.419560+00:00 PostgreSQL Importer Fixing VCID-23g8-dcz6-aaan https://www.postgresql.org/support/security/CVE-2023-39417 36.1.3
2025-06-04T05:59:06.709282+00:00 PostgreSQL Importer Fixing VCID-23g8-dcz6-aaan https://www.postgresql.org/support/security/CVE-2023-39417 36.1.0
2025-06-02T20:35:49.804517+00:00 PostgreSQL Importer Fixing VCID-23g8-dcz6-aaan https://www.postgresql.org/support/security/CVE-2023-39417 36.1.2
2025-03-28T07:42:16.050166+00:00 PostgreSQL Importer Fixing VCID-23g8-dcz6-aaan https://www.postgresql.org/support/security/CVE-2023-39417 36.0.0
2024-11-18T17:45:35.309985+00:00 PostgreSQL Importer Fixing VCID-23g8-dcz6-aaan https://www.postgresql.org/support/security/CVE-2023-39417 34.3.2
2024-09-18T01:54:07.243779+00:00 PostgreSQL Importer Fixing VCID-23g8-dcz6-aaan https://www.postgresql.org/support/security/CVE-2023-39417 34.0.1
2024-01-03T22:22:45.828436+00:00 PostgreSQL Importer Fixing VCID-23g8-dcz6-aaan https://www.postgresql.org/support/security/CVE-2023-39417 34.0.0rc1