Search for packages
| purl | pkg:generic/postgresql@9.4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-cqtz-env6-aaag | The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and 9.4.x before 9.4.5 allows attackers to cause a denial of service (server crash) or read arbitrary server memory via a "too-short" salt. |
CVE-2015-5288
|
| VCID-ntg4-xv1r-aaan | Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service (server crash) via unspecified vectors, which are not properly handled in (1) json or (2) jsonb values. |
CVE-2015-5289
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:42:31.384861+00:00 | PostgreSQL Importer | Fixing | VCID-ntg4-xv1r-aaan | https://www.postgresql.org/support/security/CVE-2015-5289 | 36.0.0 |
| 2025-03-28T07:42:15.827740+00:00 | PostgreSQL Importer | Fixing | VCID-cqtz-env6-aaag | https://www.postgresql.org/support/security/CVE-2015-5288 | 36.0.0 |
| 2024-09-18T01:54:41.306596+00:00 | PostgreSQL Importer | Fixing | VCID-ntg4-xv1r-aaan | https://www.postgresql.org/support/security/CVE-2015-5289 | 34.0.1 |
| 2024-09-18T01:54:29.014766+00:00 | PostgreSQL Importer | Fixing | VCID-cqtz-env6-aaag | https://www.postgresql.org/support/security/CVE-2015-5288 | 34.0.1 |
| 2024-01-03T22:23:14.878219+00:00 | PostgreSQL Importer | Fixing | VCID-ntg4-xv1r-aaan | https://www.postgresql.org/support/security/CVE-2015-5289 | 34.0.0rc1 |
| 2024-01-03T22:22:48.423046+00:00 | PostgreSQL Importer | Fixing | VCID-cqtz-env6-aaag | https://www.postgresql.org/support/security/CVE-2015-5288 | 34.0.0rc1 |