Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-7484 (GCVE-0-2017-7484)
Vulnerability from cvelistv5 – Published: 2017-05-12 19:00 – Updated: 2024-08-05 16:04
VLAI?
EPSS
Summary
It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access.
Severity ?
No CVSS data available.
CWE
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1038476 | vdb-entryx_refsource_SECTRACK |
| http://www.debian.org/security/2017/dsa-3851 | vendor-advisoryx_refsource_DEBIAN |
| https://access.redhat.com/errata/RHSA-2017:2425 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:1678 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:1677 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:1983 | vendor-advisoryx_refsource_REDHAT |
| https://www.postgresql.org/about/news/1746/ | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2017:1838 | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/98459 | vdb-entryx_refsource_BID |
| https://security.gentoo.org/glsa/201710-06 | vendor-advisoryx_refsource_GENTOO |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| The PostgreSQL Global Development Group | PostgreSQL |
Affected:
9.2 - 9.6
|
Date Public ?
2017-05-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:04:11.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038476",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038476"
},
{
"name": "DSA-3851",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3851"
},
{
"name": "RHSA-2017:2425",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2425"
},
{
"name": "RHSA-2017:1678",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1678"
},
{
"name": "RHSA-2017:1677",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1677"
},
{
"name": "RHSA-2017:1983",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1983"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.postgresql.org/about/news/1746/"
},
{
"name": "RHSA-2017:1838",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1838"
},
{
"name": "98459",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98459"
},
{
"name": "GLSA-201710-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201710-06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PostgreSQL",
"vendor": "The PostgreSQL Global Development Group",
"versions": [
{
"status": "affected",
"version": "9.2 - 9.6"
}
]
}
],
"datePublic": "2017-05-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "1038476",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038476"
},
{
"name": "DSA-3851",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3851"
},
{
"name": "RHSA-2017:2425",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2425"
},
{
"name": "RHSA-2017:1678",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1678"
},
{
"name": "RHSA-2017:1677",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1677"
},
{
"name": "RHSA-2017:1983",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1983"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.postgresql.org/about/news/1746/"
},
{
"name": "RHSA-2017:1838",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1838"
},
{
"name": "98459",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98459"
},
{
"name": "GLSA-201710-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201710-06"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-7484",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PostgreSQL",
"version": {
"version_data": [
{
"version_value": "9.2 - 9.6"
}
]
}
}
]
},
"vendor_name": "The PostgreSQL Global Development Group"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-285"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038476",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038476"
},
{
"name": "DSA-3851",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3851"
},
{
"name": "RHSA-2017:2425",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2425"
},
{
"name": "RHSA-2017:1678",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1678"
},
{
"name": "RHSA-2017:1677",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1677"
},
{
"name": "RHSA-2017:1983",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1983"
},
{
"name": "https://www.postgresql.org/about/news/1746/",
"refsource": "CONFIRM",
"url": "https://www.postgresql.org/about/news/1746/"
},
{
"name": "RHSA-2017:1838",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1838"
},
{
"name": "98459",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98459"
},
{
"name": "GLSA-201710-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201710-06"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-7484",
"datePublished": "2017-05-12T19:00:00.000Z",
"dateReserved": "2017-04-05T00:00:00.000Z",
"dateUpdated": "2024-08-05T16:04:11.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2017-7484",
"date": "2026-05-20",
"epss": "0.0129",
"percentile": "0.7987"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"9.2.20\", \"matchCriteriaId\": \"20D48E22-78D1-461D-ABE1-C8F578A17CB7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B890251-95EB-44F3-A6A7-F718F3C807B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D2E5BD02-8C3D-4687-88DE-1C00366270E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"709F5DF9-9F3A-42C3-890B-521B13118C0E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"14D85A34-C897-4E52-8F97-18CA51C5461A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.3.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A40DAD2B-A6D4-43D8-B282-A3C672356D6A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.3.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FC2FE391-9414-480E-A9B1-CF70280E315E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.3.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"55B6A4ED-FA3B-4251-BF82-755F95277CF9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.3.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7142DF3-124D-43D7-ADD9-70F4F7298557\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.3.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"28DEA438-A0ED-49DC-AE51-4E9D8D4B6E7B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.3.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"810B184F-6FB8-48D8-A569-F47BA43C4862\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.3.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"064BF155-7E2D-47B9-BD2B-C6E9FC06F5FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.3.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"676A81BD-7EEE-4770-B9AC-451B09844D6C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.3.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"30F23D38-BDD6-48E6-A6B2-29CD962EED99\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.3.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"89833234-3890-4E2E-8FCF-09925D83ED67\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.3.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8F3ACC3-CB15-47E3-A511-E1D1F75E797F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.3.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F6FD785-7C9F-4302-B7ED-93CA04473ACE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.3.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC1BA72C-3A6E-450B-A3DE-3898DEAA9225\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"77D1323D-3096-4D0F-823A-ECAC9017646D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A587AF3-5E70-4455-8621-DFD048207DE2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"526AFF26-B3EC-41C3-AC4C-85BFA3F99AC8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"89D2CAB7-C3D9-4F21-B902-2E498D00EFEB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"88797795-8B1C-455F-8C52-6169B2E47D53\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.4.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DBDE0CC8-F1DF-4723-8FCB-9A33EA8B12D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.4.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"90F13667-019B-49DF-929C-3D376FCDE6E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.4.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B9E20AA3-C0D3-492C-AF3B-9F61550E6983\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.4.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"251C78CA-EEC0-49A8-A3D2-3C86D16CCB7F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.4.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AB443A75-2466-4164-A71B-9203933CB0D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.4.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B02839D4-EE7D-4D42-8934-322E46B643D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.4.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B1BAE807-A21F-4980-B64E-911F5E9B16BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9FF7FC5B-C9E3-4109-B3D6-9AC06F75DCB3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D2C15A86-9ED9-492E-877B-86963DAA761A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.5.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9EF74623-EF0E-455D-ADEB-9E336B539D86\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.5.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FACD7AB7-34E9-4DFC-A788-7B9BF745D780\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.5.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8E8AEBB-9968-458D-8EE4-2725BBE1A53F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.5.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7ECC17E6-C5FF-4B63-807A-26E5E6932C5C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.5.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7DB72357-B16D-488A-995C-2703CCEC1D8F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7040466B-2A7D-4E75-8E4F-FA70D4A7E014\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"44887DE9-506B-46E3-922C-7B3C14B0AF33\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:9.6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D1250F15-7A05-452A-8958-3B1B32B326E1\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access.\"}, {\"lang\": \"es\", \"value\": \"Se ha descubierto que algunas funciones de estimaci\\u00f3n de selectividad en PostgreSQL, en versiones anteriores a la 9.2.21, versiones 9.3.x anteriores a la 9.3.17, versiones 9.4.x anteriores a la 9.4.12, versiones 9.5.x anteriores a la 9.5.7 y versiones 9.6.x anteriores a la 9.6.3, no verificaban los privilegios de usuario antes de ofrecer informaci\\u00f3n de pg_statistic, lo que probablemente implique un filtrado de informaci\\u00f3n. Un atacante sin privilegios podr\\u00eda utilizar este fallo para robar informaci\\u00f3n de tablas a las que, de otra forma, no tendr\\u00eda acceso.\"}]",
"id": "CVE-2017-7484",
"lastModified": "2024-11-21T03:31:59.673",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2017-05-12T19:29:00.193",
"references": "[{\"url\": \"http://www.debian.org/security/2017/dsa-3851\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/bid/98459\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1038476\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1677\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1678\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1838\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1983\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2425\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://security.gentoo.org/glsa/201710-06\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://www.postgresql.org/about/news/1746/\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.debian.org/security/2017/dsa-3851\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/98459\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1038476\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1677\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1678\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1838\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1983\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2425\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.gentoo.org/glsa/201710-06\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.postgresql.org/about/news/1746/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-285\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2017-7484\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2017-05-12T19:29:00.193\",\"lastModified\":\"2026-05-13T00:24:29.033\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access.\"},{\"lang\":\"es\",\"value\":\"Se ha descubierto que algunas funciones de estimaci\u00f3n de selectividad en PostgreSQL, en versiones anteriores a la 9.2.21, versiones 9.3.x anteriores a la 9.3.17, versiones 9.4.x anteriores a la 9.4.12, versiones 9.5.x anteriores a la 9.5.7 y versiones 9.6.x anteriores a la 9.6.3, no verificaban los privilegios de usuario antes de ofrecer informaci\u00f3n de pg_statistic, lo que probablemente implique un filtrado de informaci\u00f3n. Un atacante sin privilegios podr\u00eda utilizar este fallo para robar informaci\u00f3n de tablas a las que, de otra forma, no tendr\u00eda acceso.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-285\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"9.2.20\",\"matchCriteriaId\":\"20D48E22-78D1-461D-ABE1-C8F578A17CB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B890251-95EB-44F3-A6A7-F718F3C807B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2E5BD02-8C3D-4687-88DE-1C00366270E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"709F5DF9-9F3A-42C3-890B-521B13118C0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14D85A34-C897-4E52-8F97-18CA51C5461A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A40DAD2B-A6D4-43D8-B282-A3C672356D6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC2FE391-9414-480E-A9B1-CF70280E315E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55B6A4ED-FA3B-4251-BF82-755F95277CF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7142DF3-124D-43D7-ADD9-70F4F7298557\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.3.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28DEA438-A0ED-49DC-AE51-4E9D8D4B6E7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.3.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"810B184F-6FB8-48D8-A569-F47BA43C4862\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.3.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"064BF155-7E2D-47B9-BD2B-C6E9FC06F5FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"676A81BD-7EEE-4770-B9AC-451B09844D6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.3.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30F23D38-BDD6-48E6-A6B2-29CD962EED99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.3.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89833234-3890-4E2E-8FCF-09925D83ED67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.3.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8F3ACC3-CB15-47E3-A511-E1D1F75E797F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.3.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F6FD785-7C9F-4302-B7ED-93CA04473ACE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.3.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC1BA72C-3A6E-450B-A3DE-3898DEAA9225\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77D1323D-3096-4D0F-823A-ECAC9017646D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A587AF3-5E70-4455-8621-DFD048207DE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"526AFF26-B3EC-41C3-AC4C-85BFA3F99AC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89D2CAB7-C3D9-4F21-B902-2E498D00EFEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88797795-8B1C-455F-8C52-6169B2E47D53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBDE0CC8-F1DF-4723-8FCB-9A33EA8B12D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90F13667-019B-49DF-929C-3D376FCDE6E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9E20AA3-C0D3-492C-AF3B-9F61550E6983\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"251C78CA-EEC0-49A8-A3D2-3C86D16CCB7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.4.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB443A75-2466-4164-A71B-9203933CB0D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.4.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B02839D4-EE7D-4D42-8934-322E46B643D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.4.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1BAE807-A21F-4980-B64E-911F5E9B16BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FF7FC5B-C9E3-4109-B3D6-9AC06F75DCB3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2C15A86-9ED9-492E-877B-86963DAA761A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EF74623-EF0E-455D-ADEB-9E336B539D86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FACD7AB7-34E9-4DFC-A788-7B9BF745D780\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8E8AEBB-9968-458D-8EE4-2725BBE1A53F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7ECC17E6-C5FF-4B63-807A-26E5E6932C5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DB72357-B16D-488A-995C-2703CCEC1D8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7040466B-2A7D-4E75-8E4F-FA70D4A7E014\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44887DE9-506B-46E3-922C-7B3C14B0AF33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1250F15-7A05-452A-8958-3B1B32B326E1\"}]}]}],\"references\":[{\"url\":\"http://www.debian.org/security/2017/dsa-3851\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/98459\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1038476\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1677\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1678\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1838\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1983\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2425\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://security.gentoo.org/glsa/201710-06\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.postgresql.org/about/news/1746/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2017/dsa-3851\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/98459\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1038476\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1677\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1678\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1838\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1983\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2425\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/201710-06\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.postgresql.org/about/news/1746/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
CERTFR-2025-AVI-0947
Vulnerability from certfr_avis - Published: 2025-10-31 - Updated: 2025-10-31
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling Connect:Direct | Sterling Connect:Direct versions 6.2.x antérieures à 6.2.0.9.iFix005 pour Unix | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct versions 6.4.x antérieures à 6.4.0.2.iFix004 pour Unix | ||
| IBM | QRadar | QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP14 | ||
| IBM | QRadar Hub | Qradar Hub versions antérieures à 3.9.0 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct versions 6.3.x antérieures à 6.3.0.5.iFix008 pour Unix | ||
| IBM | QRadar | QRadar Incident Forensics versions 7.5.x antérieures à 7.5.0 UP14 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sterling Connect:Direct versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.9.iFix005 pour Unix",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct versions 6.4.x ant\u00e9rieures \u00e0 6.4.0.2.iFix004 pour Unix",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP14",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Qradar Hub versions ant\u00e9rieures \u00e0 3.9.0",
"product": {
"name": "QRadar Hub",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.5.iFix008 pour Unix",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Incident Forensics versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP14",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2025-54389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54389"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2022-26336",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26336"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2025-38211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38211"
},
{
"name": "CVE-2023-45145",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45145"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2025-38332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38332"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-36007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36007"
},
{
"name": "CVE-2012-0868",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0868"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2024-21096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21096"
},
{
"name": "CVE-2019-10130",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10130"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2025-36137",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36137"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2017-7484",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7484"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
}
],
"initial_release_date": "2025-10-31T00:00:00",
"last_revision_date": "2025-10-31T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0947",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-31T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Injection SQL (SQLi)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-10-30",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7249678",
"url": "https://www.ibm.com/support/pages/node/7249678"
},
{
"published_at": "2025-10-27",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7249277",
"url": "https://www.ibm.com/support/pages/node/7249277"
},
{
"published_at": "2025-10-30",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7249661",
"url": "https://www.ibm.com/support/pages/node/7249661"
},
{
"published_at": "2025-10-27",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7249276",
"url": "https://www.ibm.com/support/pages/node/7249276"
}
]
}
CERTFR-2025-AVI-0947
Vulnerability from certfr_avis - Published: 2025-10-31 - Updated: 2025-10-31
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling Connect:Direct | Sterling Connect:Direct versions 6.2.x antérieures à 6.2.0.9.iFix005 pour Unix | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct versions 6.4.x antérieures à 6.4.0.2.iFix004 pour Unix | ||
| IBM | QRadar | QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP14 | ||
| IBM | QRadar Hub | Qradar Hub versions antérieures à 3.9.0 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct versions 6.3.x antérieures à 6.3.0.5.iFix008 pour Unix | ||
| IBM | QRadar | QRadar Incident Forensics versions 7.5.x antérieures à 7.5.0 UP14 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sterling Connect:Direct versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.9.iFix005 pour Unix",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct versions 6.4.x ant\u00e9rieures \u00e0 6.4.0.2.iFix004 pour Unix",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP14",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Qradar Hub versions ant\u00e9rieures \u00e0 3.9.0",
"product": {
"name": "QRadar Hub",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.5.iFix008 pour Unix",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Incident Forensics versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP14",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2025-54389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54389"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2022-26336",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26336"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2025-38211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38211"
},
{
"name": "CVE-2023-45145",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45145"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2025-38332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38332"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-36007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36007"
},
{
"name": "CVE-2012-0868",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0868"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2024-21096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21096"
},
{
"name": "CVE-2019-10130",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10130"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2025-36137",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36137"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2017-7484",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7484"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
}
],
"initial_release_date": "2025-10-31T00:00:00",
"last_revision_date": "2025-10-31T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0947",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-31T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Injection SQL (SQLi)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-10-30",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7249678",
"url": "https://www.ibm.com/support/pages/node/7249678"
},
{
"published_at": "2025-10-27",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7249277",
"url": "https://www.ibm.com/support/pages/node/7249277"
},
{
"published_at": "2025-10-30",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7249661",
"url": "https://www.ibm.com/support/pages/node/7249661"
},
{
"published_at": "2025-10-27",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7249276",
"url": "https://www.ibm.com/support/pages/node/7249276"
}
]
}
BDU:2019-03334
Vulnerability from fstec - Published: 12.05.2017
VLAI Severity ?
Title
Уязвимость системы управления базами данных PostgreSQL, связанная с отсутствием проверки привилегии пользователя перед предоставлением информации из pg_statistic, позволяющая нарушителю получить доступ к конфиденциальным данным
Description
Уязвимость системы управления базами данных PostgreSQL связана с отсутствием проверки привилегии пользователя перед предоставлением информации из pg_statistic. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, получить доступ к конфиденциальным данным
Severity ?
Vendor
Сообщество свободного программного обеспечения, ООО «РусБИТех-Астра», PostgreSQL Global Development Group, АО «НТЦ ИТ РОСА», АО "НППКТ"
Software Name
Debian GNU/Linux, Astra Linux Special Edition (запись в едином реестре российских программ №369), PostgreSQL, Astra Linux Special Edition для «Эльбрус» (запись в едином реестре российских программ №11156), РОСА Кобальт (запись в едином реестре российских программ №1999), ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913)
Software Version
9 (Debian GNU/Linux), 1.6 «Смоленск» (Astra Linux Special Edition), 8 (Debian GNU/Linux), до 9.2.21, 9.3.x до 9.3.17, 9.4.x до 9.4.12, 9.5.x до 9.5.7, 9.6.x до 9.6.3 (PostgreSQL), 8.1 «Ленинград» (Astra Linux Special Edition для «Эльбрус»), 7.9 (РОСА Кобальт), до 2.14 (ОСОН ОСнова Оnyx)
Possible Mitigations
Для postgresql-9.4:
Обновление программного обеспечения до 9.4.12-0+deb8u1 или более поздней версии
Для Debian:
Обновление программного обеспечения (пакета postgresql-9.4) до 9.4.12-0+deb8u1 или более поздней версии
Для Astra Linux:
https://wiki.astralinux.ru/pages/viewpage.action?pageId=57444186
https://wiki.astralinux.ru/pages/viewpage.action?pageId=41192827
Обновление программного обеспечения postgresql-15 до версии 15.14+repack1-1osnova1
Для ОС РОСА "КОБАЛЬТ":
https://abf.rosa.ru/advisories/ROSA-SA-2025-3038
Reference
https://www.postgresql.org/about/news/1746/
https://nvd.nist.gov/vuln/detail/CVE-2017-7484
https://security-tracker.debian.org/tracker/CVE-2017-7484
https://wiki.astralinux.ru/pages/viewpage.action?pageId=41192827
https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.14/
https://abf.rosa.ru/advisories/ROSA-SA-2025-3038
CWE
CWE-200
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "TO2192",
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": "TO2192 \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 PostgreSQL (\u043f\u0430\u043a\u0435\u0442\u0430 postgresql15 \u0434\u043b\u044f Red Hat 7)",
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, PostgreSQL Global Development Group, \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb, \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\"",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "9 (Debian GNU/Linux), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 8 (Debian GNU/Linux), \u0434\u043e 9.2.21, 9.3.x \u0434\u043e 9.3.17, 9.4.x \u0434\u043e 9.4.12, 9.5.x \u0434\u043e 9.5.7, 9.6.x \u0434\u043e 9.6.3 (PostgreSQL), 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb (Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb), 7.9 (\u0420\u041e\u0421\u0410 \u041a\u043e\u0431\u0430\u043b\u044c\u0442), \u0434\u043e 2.14 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0414\u043b\u044f postgresql-9.4:\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e 9.4.12-0+deb8u1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\n\n\u0414\u043b\u044f Debian:\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f (\u043f\u0430\u043a\u0435\u0442\u0430 postgresql-9.4) \u0434\u043e 9.4.12-0+deb8u1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\n\n\u0414\u043b\u044f Astra Linux:\n\nhttps://wiki.astralinux.ru/pages/viewpage.action?pageId=57444186\nhttps://wiki.astralinux.ru/pages/viewpage.action?pageId=41192827\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f postgresql-15 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 15.14+repack1-1osnova1\n\n\u0414\u043b\u044f \u041e\u0421 \u0420\u041e\u0421\u0410 \"\u041a\u041e\u0411\u0410\u041b\u042c\u0422\":\nhttps://abf.rosa.ru/advisories/ROSA-SA-2025-3038",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "12.05.2017",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "06.11.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "01.10.2019",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2019-03334",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2017-7484",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), PostgreSQL, Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), \u0420\u041e\u0421\u0410 \u041a\u043e\u0431\u0430\u043b\u044c\u0442 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161999), \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 8 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb \u0420\u041e\u0421\u0410 \u041a\u043e\u0431\u0430\u043b\u044c\u0442 7.9 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161999), \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\" \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx \u0434\u043e 2.14 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0430\u0437\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 PostgreSQL, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043f\u0435\u0440\u0435\u0434 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438\u0437 pg_statistic, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 (CWE-200)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0430\u0437\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 PostgreSQL \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043f\u0435\u0440\u0435\u0434 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438\u0437 pg_statistic. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://www.postgresql.org/about/news/1746/\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-7484\nhttps://security-tracker.debian.org/tracker/CVE-2017-7484\nhttps://wiki.astralinux.ru/pages/viewpage.action?pageId=41192827\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.14/\nhttps://abf.rosa.ru/advisories/ROSA-SA-2025-3038",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u0421\u0423\u0411\u0414, \u041f\u041e \u0434\u043b\u044f \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0418\u0418",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-200",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}
cleanstart-2026-fw42039
Vulnerability from cleanstart
Published
2026-01-30 17:19
Modified
2026-01-29 18:58
Summary
vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT
Details
Multiple security vulnerabilities affect the postgresql package. A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "postgresql"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the postgresql package. A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-FW42039",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T17:19:56.954092Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-FW42039"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-15098"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-15099"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7484"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7485"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7486"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7546"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7547"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7548"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1052"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1058"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16850"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-10129"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-10130"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-10208"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-10209"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-14349"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-14350"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-25694"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-25695"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-25696"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-20229"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-23214"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-32027"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-32028"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-32029"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-3393"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-3677"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-2625"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-41862"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-2454"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-2455"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-39418"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-5870"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-7348"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-51476"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-51477"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15098"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15099"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7484"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7485"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7486"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7546"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7547"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7548"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1052"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1058"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16850"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10129"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10130"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10208"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10209"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14349"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14350"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25694"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25695"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25696"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20229"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23214"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32027"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32028"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32029"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3393"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3677"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2625"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41862"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2454"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2455"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39418"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5870"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7348"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-51476"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-51477"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT",
"upstream": [
"CVE-2017-15098",
"CVE-2017-15099",
"CVE-2017-7484",
"CVE-2017-7485",
"CVE-2017-7486",
"CVE-2017-7546",
"CVE-2017-7547",
"CVE-2017-7548",
"CVE-2018-1052",
"CVE-2018-1058",
"CVE-2018-16850",
"CVE-2019-10129",
"CVE-2019-10130",
"CVE-2019-10208",
"CVE-2019-10209",
"CVE-2020-14349",
"CVE-2020-14350",
"CVE-2020-25694",
"CVE-2020-25695",
"CVE-2020-25696",
"CVE-2021-20229",
"CVE-2021-23214",
"CVE-2021-32027",
"CVE-2021-32028",
"CVE-2021-32029",
"CVE-2021-3393",
"CVE-2021-3677",
"CVE-2022-2625",
"CVE-2022-41862",
"CVE-2023-2454",
"CVE-2023-2455",
"CVE-2023-39418",
"CVE-2023-5870",
"CVE-2024-7348",
"CVE-2025-51476",
"CVE-2025-51477"
]
}
cleanstart-2026-hj04971
Vulnerability from cleanstart
Published
2026-01-30 17:21
Modified
2026-01-29 18:58
Summary
vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT
Details
Multiple security vulnerabilities affect the postgresql package. A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "postgresql"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the postgresql package. A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-HJ04971",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T17:21:56.808972Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-HJ04971"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-15098"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-15099"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7484"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7485"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7486"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7546"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7547"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7548"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1052"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1058"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16850"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-10129"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-10130"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-10208"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-10209"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-14349"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-14350"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-25694"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-25695"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-25696"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-20229"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-23214"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-32027"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-32028"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-32029"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-3393"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-3677"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-2625"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-41862"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-2454"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-2455"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-39418"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-5870"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-7348"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15098"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15099"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7484"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7485"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7486"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7546"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7547"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7548"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1052"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1058"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16850"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10129"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10130"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10208"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10209"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14349"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14350"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25694"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25695"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25696"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20229"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23214"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32027"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32028"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32029"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3393"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3677"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2625"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41862"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2454"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2455"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39418"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5870"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7348"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT",
"upstream": [
"CVE-2017-15098",
"CVE-2017-15099",
"CVE-2017-7484",
"CVE-2017-7485",
"CVE-2017-7486",
"CVE-2017-7546",
"CVE-2017-7547",
"CVE-2017-7548",
"CVE-2018-1052",
"CVE-2018-1058",
"CVE-2018-16850",
"CVE-2019-10129",
"CVE-2019-10130",
"CVE-2019-10208",
"CVE-2019-10209",
"CVE-2020-14349",
"CVE-2020-14350",
"CVE-2020-25694",
"CVE-2020-25695",
"CVE-2020-25696",
"CVE-2021-20229",
"CVE-2021-23214",
"CVE-2021-32027",
"CVE-2021-32028",
"CVE-2021-32029",
"CVE-2021-3393",
"CVE-2021-3677",
"CVE-2022-2625",
"CVE-2022-41862",
"CVE-2023-2454",
"CVE-2023-2455",
"CVE-2023-39418",
"CVE-2023-5870",
"CVE-2024-7348"
]
}
CNVD-2017-06930
Vulnerability from cnvd - Published: 2017-05-18
VLAI Severity ?
Title
PostgreSQL信息泄露漏洞(CNVD-2017-06930)
Description
PostgreSQL是PostgreSQL开发组所研发的一套自由的对象关系型数据库管理系统。该系统支持大部分SQL标准并且提供了许多其他特性,例如外键、触发器、视图等。
PostgreSQL中的选择性评估函数存在信息泄露漏洞,该漏洞源于在提交pg_statistic信息之前程序未能验证用户权限。攻击者可利用该漏洞获取表格中的敏感信息。
Severity
中
Patch Name
PostgreSQL信息泄露漏洞(CNVD-2017-06930)的补丁
Patch Description
PostgreSQL是PostgreSQL开发组所研发的一套自由的对象关系型数据库管理系统。该系统支持大部分SQL标准并且提供了许多其他特性,例如外键、触发器、视图等。
PostgreSQL中的选择性评估函数存在信息泄露漏洞,该漏洞源于在提交pg_statistic信息之前程序未能验证用户权限。攻击者可利用该漏洞获取表格中的敏感信息。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接: https://www.postgresql.org/about/news/1746/
Reference
https://www.postgresql.org/about/news/1746/
Impacted products
| Name | ['PostgreSQL PostgreSQL <9.2.21', 'PostgreSQL PostgreSQL 9.3.x<9.3.17', 'PostgreSQL PostgreSQL 9.4.x<9.4.12', 'PostgreSQL PostgreSQL 9.5.x<9.5.7', 'PostgreSQL PostgreSQL 9.6.x<9.6.3'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2017-7484"
}
},
"description": "PostgreSQL\u662fPostgreSQL\u5f00\u53d1\u7ec4\u6240\u7814\u53d1\u7684\u4e00\u5957\u81ea\u7531\u7684\u5bf9\u8c61\u5173\u7cfb\u578b\u6570\u636e\u5e93\u7ba1\u7406\u7cfb\u7edf\u3002\u8be5\u7cfb\u7edf\u652f\u6301\u5927\u90e8\u5206SQL\u6807\u51c6\u5e76\u4e14\u63d0\u4f9b\u4e86\u8bb8\u591a\u5176\u4ed6\u7279\u6027\uff0c\u4f8b\u5982\u5916\u952e\u3001\u89e6\u53d1\u5668\u3001\u89c6\u56fe\u7b49\u3002\r\n\r\nPostgreSQL\u4e2d\u7684\u9009\u62e9\u6027\u8bc4\u4f30\u51fd\u6570\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5728\u63d0\u4ea4pg_statistic\u4fe1\u606f\u4e4b\u524d\u7a0b\u5e8f\u672a\u80fd\u9a8c\u8bc1\u7528\u6237\u6743\u9650\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u8868\u683c\u4e2d\u7684\u654f\u611f\u4fe1\u606f\u3002",
"discovererName": "PostgreSQL",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://www.postgresql.org/about/news/1746/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-06930",
"openTime": "2017-05-18",
"patchDescription": "PostgreSQL\u662fPostgreSQL\u5f00\u53d1\u7ec4\u6240\u7814\u53d1\u7684\u4e00\u5957\u81ea\u7531\u7684\u5bf9\u8c61\u5173\u7cfb\u578b\u6570\u636e\u5e93\u7ba1\u7406\u7cfb\u7edf\u3002\u8be5\u7cfb\u7edf\u652f\u6301\u5927\u90e8\u5206SQL\u6807\u51c6\u5e76\u4e14\u63d0\u4f9b\u4e86\u8bb8\u591a\u5176\u4ed6\u7279\u6027\uff0c\u4f8b\u5982\u5916\u952e\u3001\u89e6\u53d1\u5668\u3001\u89c6\u56fe\u7b49\u3002\r\n\r\nPostgreSQL\u4e2d\u7684\u9009\u62e9\u6027\u8bc4\u4f30\u51fd\u6570\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5728\u63d0\u4ea4pg_statistic\u4fe1\u606f\u4e4b\u524d\u7a0b\u5e8f\u672a\u80fd\u9a8c\u8bc1\u7528\u6237\u6743\u9650\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u8868\u683c\u4e2d\u7684\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "PostgreSQL\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2017-06930\uff09\u7684\u8865\u4e01",
"products": {
"product": [
"PostgreSQL PostgreSQL \u003c9.2.21",
"PostgreSQL PostgreSQL 9.3.x\u003c9.3.17",
"PostgreSQL PostgreSQL 9.4.x\u003c9.4.12",
"PostgreSQL PostgreSQL 9.5.x\u003c9.5.7",
"PostgreSQL PostgreSQL 9.6.x\u003c9.6.3"
]
},
"referenceLink": "https://www.postgresql.org/about/news/1746/",
"serverity": "\u4e2d",
"submitTime": "2017-05-17",
"title": "PostgreSQL\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2017-06930\uff09"
}
FKIE_CVE-2017-7484
Vulnerability from fkie_nvd - Published: 2017-05-12 19:29 - Updated: 2026-05-13 00:24
Severity ?
Summary
It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | http://www.debian.org/security/2017/dsa-3851 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/98459 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securitytracker.com/id/1038476 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2017:1677 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2017:1678 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2017:1838 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2017:1983 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2017:2425 | ||
| secalert@redhat.com | https://security.gentoo.org/glsa/201710-06 | ||
| secalert@redhat.com | https://www.postgresql.org/about/news/1746/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2017/dsa-3851 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/98459 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038476 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1677 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1678 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1838 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1983 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:2425 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201710-06 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.postgresql.org/about/news/1746/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| postgresql | postgresql | * | |
| postgresql | postgresql | 9.3 | |
| postgresql | postgresql | 9.3.1 | |
| postgresql | postgresql | 9.3.2 | |
| postgresql | postgresql | 9.3.3 | |
| postgresql | postgresql | 9.3.4 | |
| postgresql | postgresql | 9.3.5 | |
| postgresql | postgresql | 9.3.6 | |
| postgresql | postgresql | 9.3.7 | |
| postgresql | postgresql | 9.3.8 | |
| postgresql | postgresql | 9.3.9 | |
| postgresql | postgresql | 9.3.10 | |
| postgresql | postgresql | 9.3.11 | |
| postgresql | postgresql | 9.3.12 | |
| postgresql | postgresql | 9.3.13 | |
| postgresql | postgresql | 9.3.14 | |
| postgresql | postgresql | 9.3.15 | |
| postgresql | postgresql | 9.3.16 | |
| postgresql | postgresql | 9.4 | |
| postgresql | postgresql | 9.4.1 | |
| postgresql | postgresql | 9.4.2 | |
| postgresql | postgresql | 9.4.3 | |
| postgresql | postgresql | 9.4.4 | |
| postgresql | postgresql | 9.4.5 | |
| postgresql | postgresql | 9.4.6 | |
| postgresql | postgresql | 9.4.7 | |
| postgresql | postgresql | 9.4.8 | |
| postgresql | postgresql | 9.4.9 | |
| postgresql | postgresql | 9.4.10 | |
| postgresql | postgresql | 9.4.11 | |
| postgresql | postgresql | 9.5 | |
| postgresql | postgresql | 9.5.1 | |
| postgresql | postgresql | 9.5.2 | |
| postgresql | postgresql | 9.5.3 | |
| postgresql | postgresql | 9.5.4 | |
| postgresql | postgresql | 9.5.5 | |
| postgresql | postgresql | 9.5.6 | |
| postgresql | postgresql | 9.6 | |
| postgresql | postgresql | 9.6.1 | |
| postgresql | postgresql | 9.6.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20D48E22-78D1-461D-ABE1-C8F578A17CB7",
"versionEndIncluding": "9.2.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B890251-95EB-44F3-A6A7-F718F3C807B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2E5BD02-8C3D-4687-88DE-1C00366270E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "709F5DF9-9F3A-42C3-890B-521B13118C0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "14D85A34-C897-4E52-8F97-18CA51C5461A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A40DAD2B-A6D4-43D8-B282-A3C672356D6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2FE391-9414-480E-A9B1-CF70280E315E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "55B6A4ED-FA3B-4251-BF82-755F95277CF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C7142DF3-124D-43D7-ADD9-70F4F7298557",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "28DEA438-A0ED-49DC-AE51-4E9D8D4B6E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "810B184F-6FB8-48D8-A569-F47BA43C4862",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "064BF155-7E2D-47B9-BD2B-C6E9FC06F5FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "676A81BD-7EEE-4770-B9AC-451B09844D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "30F23D38-BDD6-48E6-A6B2-29CD962EED99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "89833234-3890-4E2E-8FCF-09925D83ED67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "B8F3ACC3-CB15-47E3-A511-E1D1F75E797F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0F6FD785-7C9F-4302-B7ED-93CA04473ACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1BA72C-3A6E-450B-A3DE-3898DEAA9225",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "77D1323D-3096-4D0F-823A-ECAC9017646D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8A587AF3-5E70-4455-8621-DFD048207DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "526AFF26-B3EC-41C3-AC4C-85BFA3F99AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "89D2CAB7-C3D9-4F21-B902-2E498D00EFEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "88797795-8B1C-455F-8C52-6169B2E47D53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DBDE0CC8-F1DF-4723-8FCB-9A33EA8B12D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "90F13667-019B-49DF-929C-3D376FCDE6E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B9E20AA3-C0D3-492C-AF3B-9F61550E6983",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "251C78CA-EEC0-49A8-A3D2-3C86D16CCB7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AB443A75-2466-4164-A71B-9203933CB0D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B02839D4-EE7D-4D42-8934-322E46B643D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B1BAE807-A21F-4980-B64E-911F5E9B16BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9FF7FC5B-C9E3-4109-B3D6-9AC06F75DCB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C15A86-9ED9-492E-877B-86963DAA761A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF74623-EF0E-455D-ADEB-9E336B539D86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FACD7AB7-34E9-4DFC-A788-7B9BF745D780",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F8E8AEBB-9968-458D-8EE4-2725BBE1A53F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7ECC17E6-C5FF-4B63-807A-26E5E6932C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7DB72357-B16D-488A-995C-2703CCEC1D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7040466B-2A7D-4E75-8E4F-FA70D4A7E014",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "44887DE9-506B-46E3-922C-7B3C14B0AF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:9.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D1250F15-7A05-452A-8958-3B1B32B326E1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access."
},
{
"lang": "es",
"value": "Se ha descubierto que algunas funciones de estimaci\u00f3n de selectividad en PostgreSQL, en versiones anteriores a la 9.2.21, versiones 9.3.x anteriores a la 9.3.17, versiones 9.4.x anteriores a la 9.4.12, versiones 9.5.x anteriores a la 9.5.7 y versiones 9.6.x anteriores a la 9.6.3, no verificaban los privilegios de usuario antes de ofrecer informaci\u00f3n de pg_statistic, lo que probablemente implique un filtrado de informaci\u00f3n. Un atacante sin privilegios podr\u00eda utilizar este fallo para robar informaci\u00f3n de tablas a las que, de otra forma, no tendr\u00eda acceso."
}
],
"id": "CVE-2017-7484",
"lastModified": "2026-05-13T00:24:29.033",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-05-12T19:29:00.193",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2017/dsa-3851"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98459"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id/1038476"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1677"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1678"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1838"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1983"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2017:2425"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201710-06"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.postgresql.org/about/news/1746/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2017/dsa-3851"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98459"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1677"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1678"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1838"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1983"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:2425"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201710-06"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.postgresql.org/about/news/1746/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-285"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-PWF5-PC7M-6HP4
Vulnerability from github – Published: 2022-05-14 03:53 – Updated: 2025-04-20 03:37
VLAI?
Details
It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access.
Severity ?
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2017-7484"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-285"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-05-12T19:29:00Z",
"severity": "HIGH"
},
"details": "It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access.",
"id": "GHSA-pwf5-pc7m-6hp4",
"modified": "2025-04-20T03:37:39Z",
"published": "2022-05-14T03:53:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7484"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:1677"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:1678"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:1838"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:1983"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2425"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201710-06"
},
{
"type": "WEB",
"url": "https://www.postgresql.org/about/news/1746"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2017/dsa-3851"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/98459"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1038476"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GSD-2017-7484
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-7484",
"description": "It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access.",
"id": "GSD-2017-7484",
"references": [
"https://www.suse.com/security/cve/CVE-2017-7484.html",
"https://www.debian.org/security/2017/dsa-3851",
"https://access.redhat.com/errata/RHSA-2017:2425",
"https://access.redhat.com/errata/RHSA-2017:1983",
"https://access.redhat.com/errata/RHSA-2017:1838",
"https://access.redhat.com/errata/RHSA-2017:1678",
"https://access.redhat.com/errata/RHSA-2017:1677",
"https://advisories.mageia.org/CVE-2017-7484.html",
"https://security.archlinux.org/CVE-2017-7484",
"https://alas.aws.amazon.com/cve/html/CVE-2017-7484.html",
"https://linux.oracle.com/cve/CVE-2017-7484.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-7484"
],
"details": "It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access.",
"id": "GSD-2017-7484",
"modified": "2023-12-13T01:21:07.270675Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-7484",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PostgreSQL",
"version": {
"version_data": [
{
"version_value": "9.2 - 9.6"
}
]
}
}
]
},
"vendor_name": "The PostgreSQL Global Development Group"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-285"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038476",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038476"
},
{
"name": "DSA-3851",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3851"
},
{
"name": "RHSA-2017:2425",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2425"
},
{
"name": "RHSA-2017:1678",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1678"
},
{
"name": "RHSA-2017:1677",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1677"
},
{
"name": "RHSA-2017:1983",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1983"
},
{
"name": "https://www.postgresql.org/about/news/1746/",
"refsource": "CONFIRM",
"url": "https://www.postgresql.org/about/news/1746/"
},
{
"name": "RHSA-2017:1838",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1838"
},
{
"name": "98459",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98459"
},
{
"name": "GLSA-201710-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201710-06"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.5.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.2.20",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.3.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.3.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.3.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.5.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.3.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.3.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postgresql:postgresql:9.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-7484"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.postgresql.org/about/news/1746/",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://www.postgresql.org/about/news/1746/"
},
{
"name": "98459",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98459"
},
{
"name": "1038476",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id/1038476"
},
{
"name": "GLSA-201710-06",
"refsource": "GENTOO",
"tags": [],
"url": "https://security.gentoo.org/glsa/201710-06"
},
{
"name": "DSA-3851",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2017/dsa-3851"
},
{
"name": "RHSA-2017:2425",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2017:2425"
},
{
"name": "RHSA-2017:1983",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2017:1983"
},
{
"name": "RHSA-2017:1838",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2017:1838"
},
{
"name": "RHSA-2017:1678",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2017:1678"
},
{
"name": "RHSA-2017:1677",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2017:1677"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2018-01-05T02:31Z",
"publishedDate": "2017-05-12T19:29Z"
}
}
}
RHSA-2017:1677
Vulnerability from csaf_redhat - Published: 2017-07-05 05:44 - Updated: 2026-05-13 01:09Summary
Red Hat Security Advisory: rh-postgresql95-postgresql security update
Severity
Moderate
Notes
Topic: An update for rh-postgresql95-postgresql is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: PostgreSQL is an advanced object-relational database management system (DBMS).
The following packages have been upgraded to a later upstream version: rh-postgresql95-postgresql (9.5.7). (BZ#1449701)
Security Fix(es):
* It was found that some selectivity estimation functions did not check user privileges before providing information from pg_statistic, possibly leaking information. A non-administrative database user could use this flaw to steal some information from tables they are otherwise not allowed to access. (CVE-2017-7484)
* It was discovered that the PostgreSQL client library (libpq) did not enforce the use of TLS/SSL for a connection to a PostgreSQL server when the PGREQUIRESSL environment variable was set. An man-in-the-middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a client and a server. (CVE-2017-7485)
* It was found that the pg_user_mappings view could disclose information about user mappings to a foreign database to non-administrative database users. A database user with USAGE privilege for this mapping could, when querying the view, obtain user mapping data, such as the username and password used to connect to the foreign database. (CVE-2017-7486)
Red Hat would like to thank the PostgreSQL project for reporting these issues. Upstream acknowledges Robert Haas as the original reporter of CVE-2017-7484; Daniel Gustafsson as the original reporter of CVE-2017-7485; and Andrew Wheelwright as the original reporter of CVE-2017-7486.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
It was found that some selectivity estimation functions did not check user privileges before providing information from pg_statistic, possibly leaking information. A non-administrative database user could use this flaw to steal some information from tables they are otherwise not allowed to access.
4.3 (Medium)
Affected products
Fixed
78 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
It was discovered that the PostgreSQL client library (libpq) did not enforce the use of TLS/SSL for a connection to a PostgreSQL server when the PGREQUIRESSL environment variable was set. An man-in-the-middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a client and a server.
7.4 (High)
Affected products
Fixed
78 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
It was found that the pg_user_mappings view could disclose information about user mappings to a foreign database to non-administrative database users. A database user with USAGE privilege for this mapping could, when querying the view, obtain user mapping data, such as the username and password used to connect to the foreign database.
6.3 (Medium)
Affected products
Fixed
78 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
24 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2017:1677 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://www.postgresql.org/about/news/1746/ | external |
| https://www.postgresql.org/docs/current/static/re… | external |
| https://www.postgresql.org/docs/current/static/re… | external |
| https://www.postgresql.org/docs/current/static/re… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1448078 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1448086 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1448089 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1452734 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2017-7484 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1448078 | external |
| https://www.cve.org/CVERecord?id=CVE-2017-7484 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2017-7484 | external |
| https://www.postgresql.org/about/news/1746/ | external |
| https://access.redhat.com/security/cve/CVE-2017-7485 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1448086 | external |
| https://www.cve.org/CVERecord?id=CVE-2017-7485 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2017-7485 | external |
| https://access.redhat.com/security/cve/CVE-2017-7486 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1448089 | external |
| https://www.cve.org/CVERecord?id=CVE-2017-7486 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2017-7486 | external |
Acknowledgments
the PostgreSQL project
Robert Haas
Daniel Gustafsson
Andrew Wheelwright
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for rh-postgresql95-postgresql is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "PostgreSQL is an advanced object-relational database management system (DBMS).\n\nThe following packages have been upgraded to a later upstream version: rh-postgresql95-postgresql (9.5.7). (BZ#1449701)\n\nSecurity Fix(es):\n\n* It was found that some selectivity estimation functions did not check user privileges before providing information from pg_statistic, possibly leaking information. A non-administrative database user could use this flaw to steal some information from tables they are otherwise not allowed to access. (CVE-2017-7484)\n\n* It was discovered that the PostgreSQL client library (libpq) did not enforce the use of TLS/SSL for a connection to a PostgreSQL server when the PGREQUIRESSL environment variable was set. An man-in-the-middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a client and a server. (CVE-2017-7485)\n\n* It was found that the pg_user_mappings view could disclose information about user mappings to a foreign database to non-administrative database users. A database user with USAGE privilege for this mapping could, when querying the view, obtain user mapping data, such as the username and password used to connect to the foreign database. (CVE-2017-7486)\n\nRed Hat would like to thank the PostgreSQL project for reporting these issues. Upstream acknowledges Robert Haas as the original reporter of CVE-2017-7484; Daniel Gustafsson as the original reporter of CVE-2017-7485; and Andrew Wheelwright as the original reporter of CVE-2017-7486.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:1677",
"url": "https://access.redhat.com/errata/RHSA-2017:1677"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://www.postgresql.org/about/news/1746/",
"url": "https://www.postgresql.org/about/news/1746/"
},
{
"category": "external",
"summary": "https://www.postgresql.org/docs/current/static/release-9-5-5.html",
"url": "https://www.postgresql.org/docs/current/static/release-9-5-5.html"
},
{
"category": "external",
"summary": "https://www.postgresql.org/docs/current/static/release-9-5-6.html",
"url": "https://www.postgresql.org/docs/current/static/release-9-5-6.html"
},
{
"category": "external",
"summary": "https://www.postgresql.org/docs/current/static/release-9-5-7.html",
"url": "https://www.postgresql.org/docs/current/static/release-9-5-7.html"
},
{
"category": "external",
"summary": "1448078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1448078"
},
{
"category": "external",
"summary": "1448086",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1448086"
},
{
"category": "external",
"summary": "1448089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1448089"
},
{
"category": "external",
"summary": "1452734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452734"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1677.json"
}
],
"title": "Red Hat Security Advisory: rh-postgresql95-postgresql security update",
"tracking": {
"current_release_date": "2026-05-13T01:09:10+00:00",
"generator": {
"date": "2026-05-13T01:09:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2017:1677",
"initial_release_date": "2017-07-05T05:44:17+00:00",
"revision_history": [
{
"date": "2017-07-05T05:44:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-07-05T05:44:17+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-13T01:09:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Software Collections"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"product": {
"name": "rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"product_id": "rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql-static@9.5.7-2.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"product": {
"name": "rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"product_id": "rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql-libs@9.5.7-2.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"product": {
"name": "rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"product_id": "rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql-debuginfo@9.5.7-2.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"product": {
"name": "rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"product_id": "rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql-devel@9.5.7-2.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"product": {
"name": "rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"product_id": "rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql@9.5.7-2.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"product": {
"name": "rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"product_id": "rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql-plperl@9.5.7-2.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"product": {
"name": "rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"product_id": "rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql-contrib@9.5.7-2.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"product": {
"name": "rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"product_id": "rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql-test@9.5.7-2.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"product": {
"name": "rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"product_id": "rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql-server@9.5.7-2.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"product": {
"name": "rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"product_id": "rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql-pltcl@9.5.7-2.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"product": {
"name": "rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"product_id": "rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql-plpython@9.5.7-2.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"product": {
"name": "rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"product_id": "rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql-docs@9.5.7-2.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"product": {
"name": "rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"product_id": "rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql-static@9.5.7-2.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"product": {
"name": "rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"product_id": "rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql-debuginfo@9.5.7-2.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"product": {
"name": "rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"product_id": "rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql-devel@9.5.7-2.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"product": {
"name": "rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"product_id": "rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql-contrib@9.5.7-2.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"product": {
"name": "rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"product_id": "rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql-plperl@9.5.7-2.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"product": {
"name": "rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"product_id": "rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql@9.5.7-2.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"product": {
"name": "rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"product_id": "rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql-libs@9.5.7-2.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"product": {
"name": "rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"product_id": "rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql-server@9.5.7-2.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"product": {
"name": "rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"product_id": "rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql-pltcl@9.5.7-2.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"product": {
"name": "rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"product_id": "rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql-test@9.5.7-2.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"product": {
"name": "rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"product_id": "rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql-plpython@9.5.7-2.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"product": {
"name": "rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"product_id": "rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql-docs@9.5.7-2.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"product": {
"name": "rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"product_id": "rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql@9.5.7-2.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"product": {
"name": "rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"product_id": "rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-postgresql95-postgresql@9.5.7-2.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-0:9.5.7-2.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.src"
},
"product_reference": "rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-0:9.5.7-2.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src"
},
"product_reference": "rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-0:9.5.7-2.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src"
},
"product_reference": "rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-0:9.5.7-2.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.src"
},
"product_reference": "rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-0:9.5.7-2.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src"
},
"product_reference": "rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-0:9.5.7-2.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src"
},
"product_reference": "rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64"
},
"product_reference": "rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"the PostgreSQL project"
]
},
{
"names": [
"Robert Haas"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2017-7484",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"discovery_date": "2017-05-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1448078"
}
],
"notes": [
{
"category": "description",
"text": "It was found that some selectivity estimation functions did not check user privileges before providing information from pg_statistic, possibly leaking information. A non-administrative database user could use this flaw to steal some information from tables they are otherwise not allowed to access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "postgresql: Selectivity estimators bypass SELECT privilege checks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7484"
},
{
"category": "external",
"summary": "RHBZ#1448078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1448078"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7484",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7484"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7484",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7484"
},
{
"category": "external",
"summary": "https://www.postgresql.org/about/news/1746/",
"url": "https://www.postgresql.org/about/news/1746/"
}
],
"release_date": "2017-05-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-07-05T05:44:17+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nIf the postgresql service is running, it will be automatically restarted after installing this update.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:1677"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "postgresql: Selectivity estimators bypass SELECT privilege checks"
},
{
"acknowledgments": [
{
"names": [
"the PostgreSQL project"
]
},
{
"names": [
"Daniel Gustafsson"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2017-7485",
"cwe": {
"id": "CWE-390",
"name": "Detection of Error Condition Without Action"
},
"discovery_date": "2017-05-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1448086"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the PostgreSQL client library (libpq) did not enforce the use of TLS/SSL for a connection to a PostgreSQL server when the PGREQUIRESSL environment variable was set. An man-in-the-middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a client and a server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "postgresql: libpq ignores PGREQUIRESSL environment variable",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7485"
},
{
"category": "external",
"summary": "RHBZ#1448086",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1448086"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7485"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7485",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7485"
},
{
"category": "external",
"summary": "https://www.postgresql.org/about/news/1746/",
"url": "https://www.postgresql.org/about/news/1746/"
}
],
"release_date": "2017-05-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-07-05T05:44:17+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nIf the postgresql service is running, it will be automatically restarted after installing this update.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:1677"
},
{
"category": "workaround",
"details": "Use PGSSLMODE=require instead of PGREQUIRESSL=1",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "postgresql: libpq ignores PGREQUIRESSL environment variable"
},
{
"acknowledgments": [
{
"names": [
"the PostgreSQL project"
]
},
{
"names": [
"Andrew Wheelwright"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2017-7486",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2017-05-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1448089"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the pg_user_mappings view could disclose information about user mappings to a foreign database to non-administrative database users. A database user with USAGE privilege for this mapping could, when querying the view, obtain user mapping data, such as the username and password used to connect to the foreign database.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "postgresql: pg_user_mappings view discloses foreign server passwords",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7486"
},
{
"category": "external",
"summary": "RHBZ#1448089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1448089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7486",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7486"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7486",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7486"
},
{
"category": "external",
"summary": "https://www.postgresql.org/about/news/1746/",
"url": "https://www.postgresql.org/about/news/1746/"
}
],
"release_date": "2017-05-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-07-05T05:44:17+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nIf the postgresql service is running, it will be automatically restarted after installing this update.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:1677"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4-6.7.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.src",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el6.x86_64",
"6Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el6.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4-7.3.Z:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Server-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.src",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-contrib-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-debuginfo-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-devel-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-docs-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-libs-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plperl-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-plpython-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-pltcl-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-server-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-static-0:9.5.7-2.el7.x86_64",
"7Workstation-RHSCL-2.4:rh-postgresql95-postgresql-test-0:9.5.7-2.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "postgresql: pg_user_mappings view discloses foreign server passwords"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…