VulnerableCode Package Details - pkg:deb/debian/postgresql-9.4@9.4.7-0%2Bdeb8u1~bpo70%2B2

Search for packages

Package details: pkg:deb/debian/postgresql-9.4@9.4.7-0%2Bdeb8u1~bpo70%2B2

Essentials
History (16)

purl	pkg:deb/debian/postgresql-9.4@9.4.7-0%2Bdeb8u1~bpo70%2B2

Next non-vulnerable version	9.4.18-0+deb8u1
Latest non-vulnerable version	9.4.18-0+deb8u1
Risk	4.0

Vulnerabilities affecting this package (9)

Vulnerability	Summary	Fixed by
VCID-ayub-6tgu-a3av Aliases: CVE-2017-7485	libpq ignores PGREQUIRESSL environment variablemore details	9.4.18-0+deb8u1 Affected by 0 other vulnerabilities.
VCID-dst1-7hc3-nuhw Aliases: CVE-2017-7548	lo_put() function ignores ACLsmore details	9.4.18-0+deb8u1 Affected by 0 other vulnerabilities.
VCID-h8dt-f7ga-nyds Aliases: CVE-2016-5424	Exceptional database and role names could enable escalation to superusermore details	9.4.12-0+deb8u1~bpo7+1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-jq1k-pw3x-nyaf Aliases: CVE-2017-7547	pg_user_mappings view discloses passwords to users lacking server privilegesmore details	9.4.18-0+deb8u1 Affected by 0 other vulnerabilities.
VCID-sxun-92uz-37hj Aliases: CVE-2017-7546	empty password accepted in some authentication methodsmore details	9.4.18-0+deb8u1 Affected by 0 other vulnerabilities.
VCID-tt1x-j91p-n7a2 Aliases: CVE-2017-15098	Memory disclosure in JSON functionsmore details	9.4.18-0+deb8u1 Affected by 0 other vulnerabilities.
VCID-vpdr-kkm3-8uc6 Aliases: CVE-2016-5423	Certain nested CASE/WHEN expressions can crash servermore details	9.4.12-0+deb8u1~bpo7+1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-vsmn-9zxt-1qa4 Aliases: CVE-2017-7486	pg_user_mappings view discloses foreign server passwordsmore details	9.4.18-0+deb8u1 Affected by 0 other vulnerabilities.
VCID-wde1-18sj-u3a5 Aliases: CVE-2017-7484	selectivity estimators bypass SELECT privilege checksmore details	9.4.18-0+deb8u1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (7)

Vulnerability	Summary	Aliases
VCID-4k1c-w5dh-qbek	pgcrypto has multiple error messages for decryption with an incorrect key.more details	CVE-2015-3167
VCID-7tqr-xy86-b3gn	Unchecked JSON input can crash the servermore details	CVE-2015-5289
VCID-aewh-xxgg-9yau		CVE-2016-0766
VCID-evzz-qztw-x7ax	Double "free" after authentication timeoutmore details	CVE-2015-3165
VCID-rf1c-z854-fffn	Memory leak in crypt() function.more details	CVE-2015-5288
VCID-u76h-5gv2-vqg6	Unchecked regex can crash the servermore details	CVE-2016-0773
VCID-z2g6-4vwx-kqcb	Unanticipated errors from the standard library.more details	CVE-2015-3166

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-01T10:31:50.611146+00:00	Debian Oval Importer	Fixing	VCID-4k1c-w5dh-qbek	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	37.0.0
2025-08-01T10:30:51.075765+00:00	Debian Oval Importer	Fixing	VCID-evzz-qztw-x7ax	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	37.0.0
2025-08-01T10:27:52.476086+00:00	Debian Oval Importer	Fixing	VCID-7tqr-xy86-b3gn	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	37.0.0
2025-08-01T10:22:34.781593+00:00	Debian Oval Importer	Affected by	VCID-vpdr-kkm3-8uc6	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	37.0.0
2025-08-01T10:19:57.860493+00:00	Debian Oval Importer	Affected by	VCID-h8dt-f7ga-nyds	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	37.0.0
2025-08-01T10:15:18.619197+00:00	Debian Oval Importer	Affected by	VCID-wde1-18sj-u3a5	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	37.0.0
2025-08-01T10:12:51.366106+00:00	Debian Oval Importer	Affected by	VCID-dst1-7hc3-nuhw	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	37.0.0
2025-08-01T10:11:37.435599+00:00	Debian Oval Importer	Affected by	VCID-vsmn-9zxt-1qa4	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	37.0.0
2025-08-01T10:10:37.604057+00:00	Debian Oval Importer	Affected by	VCID-sxun-92uz-37hj	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	37.0.0
2025-08-01T10:04:47.157889+00:00	Debian Oval Importer	Affected by	VCID-tt1x-j91p-n7a2	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	37.0.0
2025-08-01T10:00:12.201354+00:00	Debian Oval Importer	Fixing	VCID-aewh-xxgg-9yau	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	37.0.0
2025-08-01T09:59:11.113590+00:00	Debian Oval Importer	Affected by	VCID-jq1k-pw3x-nyaf	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	37.0.0
2025-08-01T09:58:49.978368+00:00	Debian Oval Importer	Affected by	VCID-ayub-6tgu-a3av	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	37.0.0
2025-08-01T09:56:59.226960+00:00	Debian Oval Importer	Fixing	VCID-rf1c-z854-fffn	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	37.0.0
2025-08-01T09:56:21.955564+00:00	Debian Oval Importer	Fixing	VCID-z2g6-4vwx-kqcb	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	37.0.0
2025-08-01T09:54:12.862224+00:00	Debian Oval Importer	Fixing	VCID-u76h-5gv2-vqg6	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	37.0.0