CVE-2023-5870 (GCVE-0-2023-5870)

Vulnerability from cvelistv5 – Published: 2023-12-10 17:58 – Updated: 2025-11-20 01:24
VLAI?
Summary
A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.
Severity ?
2.2 (Low)
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
References
https://access.redhat.com/errata/RHSA-2023:7545 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7579 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7580 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7581 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7616 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7656 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7666 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7667 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7694 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7695 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7714 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7770 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7772 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7784 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7785 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7883 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7884 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7885 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0304 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0332 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0337 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-5870 vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2247170 issue-trackingx_refsource_REDHAT
https://www.postgresql.org/about/news/postgresql-…
https://www.postgresql.org/support/security/CVE-2…
Impacted products
Vendor Product Version
Red Hat Red Hat Advanced Cluster Security 4.2 Unaffected: 4.2.4-6 , < * (rpm)
    cpe:/a:redhat:advanced_cluster_security:4.2::el8
 Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Security 4.2 Unaffected: 4.2.4-6 , < * (rpm)
    cpe:/a:redhat:advanced_cluster_security:4.2::el8
 Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Security 4.2 Unaffected: 4.2.4-7 , < * (rpm)
    cpe:/a:redhat:advanced_cluster_security:4.2::el8
 Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Security 4.2 Unaffected: 4.2.4-6 , < * (rpm)
    cpe:/a:redhat:advanced_cluster_security:4.2::el8
 Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Security 4.2 Unaffected: 4.2.4-7 , < * (rpm)
    cpe:/a:redhat:advanced_cluster_security:4.2::el8
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 8090020231114113712.a75119d5 , < * (rpm)
    cpe:/a:redhat:enterprise_linux:8::appstream
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 8090020231128173330.a75119d5 , < * (rpm)
    cpe:/a:redhat:enterprise_linux:8::appstream
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 8090020231114113548.a75119d5 , < * (rpm)
    cpe:/a:redhat:enterprise_linux:8::appstream
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 8020020231128165246.4cda2c84 , < * (rpm)
    cpe:/a:redhat:rhel_tus:8.2::appstream
    cpe:/a:redhat:rhel_aus:8.2::appstream
    cpe:/a:redhat:rhel_e4s:8.2::appstream
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 8020020231128165246.4cda2c84 , < * (rpm)
    cpe:/a:redhat:rhel_tus:8.2::appstream
    cpe:/a:redhat:rhel_aus:8.2::appstream
    cpe:/a:redhat:rhel_e4s:8.2::appstream
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 8020020231128165246.4cda2c84 , < * (rpm)
    cpe:/a:redhat:rhel_tus:8.2::appstream
    cpe:/a:redhat:rhel_aus:8.2::appstream
    cpe:/a:redhat:rhel_e4s:8.2::appstream
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 8040020231127153301.522a0ee4 , < * (rpm)
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 8040020231127154806.522a0ee4 , < * (rpm)
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 8040020231127153301.522a0ee4 , < * (rpm)
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 8040020231127154806.522a0ee4 , < * (rpm)
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 8040020231127153301.522a0ee4 , < * (rpm)
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 8040020231127154806.522a0ee4 , < * (rpm)
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 8060020231114115246.ad008a3a , < * (rpm)
    cpe:/a:redhat:rhel_eus:8.6::appstream
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 8060020231128165328.ad008a3a , < * (rpm)
    cpe:/a:redhat:rhel_eus:8.6::appstream
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 8080020231114105206.63b34585 , < * (rpm)
    cpe:/a:redhat:rhel_eus:8.8::appstream
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 8080020231128165335.63b34585 , < * (rpm)
    cpe:/a:redhat:rhel_eus:8.8::appstream
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 8080020231113134015.63b34585 , < * (rpm)
    cpe:/a:redhat:rhel_eus:8.8::appstream
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:13.13-1.el9_3 , < * (rpm)
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 9030020231120082734.rhel9 , < * (rpm)
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:13.13-1.el9_0 , < * (rpm)
    cpe:/a:redhat:rhel_eus:9.0::appstream
    cpe:/a:redhat:rhel_eus:9.0::crb
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:13.13-1.el9_2 , < * (rpm)
    cpe:/a:redhat:rhel_eus:9.2::crb
    cpe:/a:redhat:rhel_eus:9.2::appstream
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 9020020231115020618.rhel9 , < * (rpm)
    cpe:/a:redhat:rhel_eus:9.2::appstream
 Create a notification for this product.
    Red Hat Red Hat Software Collections for Red Hat Enterprise Linux 7 Unaffected: 0:12.17-1.el7 , < * (rpm)
    cpe:/a:redhat:rhel_software_collections:3::el7
 Create a notification for this product.
    Red Hat Red Hat Software Collections for Red Hat Enterprise Linux 7 Unaffected: 0:13.13-1.el7 , < * (rpm)
    cpe:/a:redhat:rhel_software_collections:3::el7
 Create a notification for this product.
    Red Hat RHACS-3.74-RHEL-8 Unaffected: 3.74.8-9 , < * (rpm)
    cpe:/a:redhat:advanced_cluster_security:3.74::el8
 Create a notification for this product.
    Red Hat RHACS-3.74-RHEL-8 Unaffected: 3.74.8-9 , < * (rpm)
    cpe:/a:redhat:advanced_cluster_security:3.74::el8
 Create a notification for this product.
    Red Hat RHACS-3.74-RHEL-8 Unaffected: 3.74.8-7 , < * (rpm)
    cpe:/a:redhat:advanced_cluster_security:3.74::el8
 Create a notification for this product.
    Red Hat RHACS-3.74-RHEL-8 Unaffected: 3.74.8-9 , < * (rpm)
    cpe:/a:redhat:advanced_cluster_security:3.74::el8
 Create a notification for this product.
    Red Hat RHACS-3.74-RHEL-8 Unaffected: 3.74.8-9 , < * (rpm)
    cpe:/a:redhat:advanced_cluster_security:3.74::el8
 Create a notification for this product.
    Red Hat RHACS-4.1-RHEL-8 Unaffected: 4.1.6-6 , < * (rpm)
    cpe:/a:redhat:advanced_cluster_security:4.1::el8
 Create a notification for this product.
    Red Hat RHACS-4.1-RHEL-8 Unaffected: 4.1.6-6 , < * (rpm)
    cpe:/a:redhat:advanced_cluster_security:4.1::el8
 Create a notification for this product.
    Red Hat RHACS-4.1-RHEL-8 Unaffected: 4.1.6-6 , < * (rpm)
    cpe:/a:redhat:advanced_cluster_security:4.1::el8
 Create a notification for this product.
    Red Hat RHACS-4.1-RHEL-8 Unaffected: 4.1.6-6 , < * (rpm)
    cpe:/a:redhat:advanced_cluster_security:4.1::el8
 Create a notification for this product.
    Red Hat RHACS-4.1-RHEL-8 Unaffected: 4.1.6-6 , < * (rpm)
    cpe:/a:redhat:advanced_cluster_security:4.1::el8
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
 Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
    Red Hat Red Hat Software Collections     cpe:/a:redhat:rhel_software_collections:3
 Create a notification for this product.
Credits
Upstream acknowledges Hemanth Sandrana and Mahendrakar Srinivasarao as the original reporters.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:25:52.585Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2023:7545",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7545"
          },
          {
            "name": "RHSA-2023:7579",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7579"
          },
          {
            "name": "RHSA-2023:7580",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7580"
          },
          {
            "name": "RHSA-2023:7581",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7581"
          },
          {
            "name": "RHSA-2023:7616",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7616"
          },
          {
            "name": "RHSA-2023:7656",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7656"
          },
          {
            "name": "RHSA-2023:7666",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7666"
          },
          {
            "name": "RHSA-2023:7667",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7667"
          },
          {
            "name": "RHSA-2023:7694",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7694"
          },
          {
            "name": "RHSA-2023:7695",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7695"
          },
          {
            "name": "RHSA-2023:7714",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7714"
          },
          {
            "name": "RHSA-2023:7770",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7770"
          },
          {
            "name": "RHSA-2023:7772",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7772"
          },
          {
            "name": "RHSA-2023:7784",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7784"
          },
          {
            "name": "RHSA-2023:7785",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7785"
          },
          {
            "name": "RHSA-2023:7883",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7883"
          },
          {
            "name": "RHSA-2023:7884",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7884"
          },
          {
            "name": "RHSA-2023:7885",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7885"
          },
          {
            "name": "RHSA-2024:0304",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0304"
          },
          {
            "name": "RHSA-2024:0332",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0332"
          },
          {
            "name": "RHSA-2024:0337",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0337"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-5870"
          },
          {
            "name": "RHBZ#2247170",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247170"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240119-0003/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.postgresql.org/support/security/CVE-2023-5870/"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-5870",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2023-12-19T19:42:25.492582Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-02T17:04:19.568Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231114113712.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231128173330.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231114113548.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020231114115246.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020231128165328.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231114105206.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231128165335.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231113134015.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "9030020231120082734.rhel9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::appstream",
            "cpe:/a:redhat:rhel_eus:9.0::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::crb",
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "9020020231115020618.rhel9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3::el7"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql12-postgresql",
          "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:12.17-1.el7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3::el7"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql13-postgresql",
          "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:10/postgresql",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "postgresql:16/postgresql",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "postgresql:16/postgresql",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql10-postgresql",
          "product": "Red Hat Software Collections",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Upstream acknowledges Hemanth Sandrana and Mahendrakar Srinivasarao as the original reporters."
        }
      ],
      "datePublic": "2023-11-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 2.2,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-20T01:24:42.606Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2023:7545",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7545"
        },
        {
          "name": "RHSA-2023:7579",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7579"
        },
        {
          "name": "RHSA-2023:7580",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7580"
        },
        {
          "name": "RHSA-2023:7581",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7581"
        },
        {
          "name": "RHSA-2023:7616",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7616"
        },
        {
          "name": "RHSA-2023:7656",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7656"
        },
        {
          "name": "RHSA-2023:7666",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7666"
        },
        {
          "name": "RHSA-2023:7667",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7667"
        },
        {
          "name": "RHSA-2023:7694",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7694"
        },
        {
          "name": "RHSA-2023:7695",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7695"
        },
        {
          "name": "RHSA-2023:7714",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7714"
        },
        {
          "name": "RHSA-2023:7770",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7770"
        },
        {
          "name": "RHSA-2023:7772",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7772"
        },
        {
          "name": "RHSA-2023:7784",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7784"
        },
        {
          "name": "RHSA-2023:7785",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7785"
        },
        {
          "name": "RHSA-2023:7883",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7883"
        },
        {
          "name": "RHSA-2023:7884",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7884"
        },
        {
          "name": "RHSA-2023:7885",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7885"
        },
        {
          "name": "RHSA-2024:0304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0304"
        },
        {
          "name": "RHSA-2024:0332",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0332"
        },
        {
          "name": "RHSA-2024:0337",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0337"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-5870"
        },
        {
          "name": "RHBZ#2247170",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247170"
        },
        {
          "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/"
        },
        {
          "url": "https://www.postgresql.org/support/security/CVE-2023-5870/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-10-31T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-11-09T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Postgresql: role pg_signal_backend can signal certain superuser processes.",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-400: Uncontrolled Resource Consumption"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-5870",
    "datePublished": "2023-12-10T17:58:30.213Z",
    "dateReserved": "2023-10-31T03:56:58.366Z",
    "dateUpdated": "2025-11-20T01:24:42.606Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.0\", \"versionEndExcluding\": \"11.22\", \"matchCriteriaId\": \"1D407A29-CAB0-425B-87B6-F2487FAE6B71\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"12.0\", \"versionEndExcluding\": \"12.17\", \"matchCriteriaId\": \"13B24306-F52A-47E4-A7E4-EA7E46F850EF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.0\", \"versionEndExcluding\": \"13.13\", \"matchCriteriaId\": \"AA77ED73-60C6-4666-9355-7C28CD774001\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.0\", \"versionEndExcluding\": \"14.10\", \"matchCriteriaId\": \"7F2D30CB-C04F-4B6A-8E82-7DDC98B10D21\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.0\", \"versionEndExcluding\": \"15.5\", \"matchCriteriaId\": \"E8883865-D864-497D-B39C-90D3ACC6A932\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postgresql:postgresql:16.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"654E69F1-844B-4E32-9C3D-FA8032FB3A61\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"936B046D-ADEB-4701-8957-AC28CFA9C5C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"56CE19E2-F92D-4C36-9319-E6CD4766D0D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"056DABF5-0C1D-4EBA-B02B-443BACB20D6F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:8.6_aarch64:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"02F08DBD-4BD0-408D-B817-04B2EB82137E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.0_aarch64:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CDE46FD5-B415-49B7-BF2D-E76D068C3920\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.2_aarch64:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"09AAD850-019A-46B8-A5A1-845DE048D30A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.0_s390x:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4E39B04-D3E5-4106-8A8F-0C496FF9997F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"86034E5B-BCDD-4AFD-A460-38E790F608F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F6967B4-C62B-4252-B5C3-50532B9EA3FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C2ED1251-245C-4390-8964-DDCAD54A8957\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D7EE4B6-A6EC-4B9B-91DF-79615796673F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4CFF558-3C47-480D-A2F0-BABF26042943\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F6FB57C-2BC7-487C-96DD-132683AEB35D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6C3741B8-851F-475D-B428-523F4F722350\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62C31522-0A17-4025-B269-855C7F4B45C2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_eus:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DDA3E5A-8754-4C48-9A27-E2415F8A6000\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C74F6FA-FA6C-4648-9079-91446E45EE47\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3F797F2E-00E6-4D03-A94E-524227529A0A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.8_aarch64:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F7F8A347-0ACE-40E4-BF7B-656D66DDB425\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"32AF225E-94C0-4D07-900C-DD868C05F554\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B758EDC9-6421-422C-899E-A273D2936D8E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"22C65F53-D624-48A9-A9B7-4C78A31E19F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.0_s390x:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0CC06C2A-64A5-4302-B754-A4DC0E12FE7C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"26041661-0280-4544-AA0A-BC28FCED4699\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"23D471AC-7DCA-4425-AD91-E5D928753A8C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D9C30C59-07F7-4CCE-B057-052ECCD36DB8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F91F9255-4EE1-43C7-8831-D2B6C228BFD9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62D3FD78-5B63-4A1B-B4EE-9B098844691E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"99952557-C766-4B9E-8BF5-DBBA194349FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6897676D-53F9-45B3-B27F-7FF9A4C58D33\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E28F226A-CBC7-4A32-BE58-398FA5B42481\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"76C24D94-834A-4E9D-8F73-624AFA99AAA2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F32CA554-F9D7-425B-8F1C-89678507F28C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B09ACF2D-D83F-4A86-8185-9569605D8EE1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AC10D919-57FD-4725-B8D2-39ECB476902F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1272DF03-7674-4BD4-8E64-94004B195448\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.\"}, {\"lang\": \"es\", \"value\": \"Se encontr\\u00f3 una falla en PostgreSQL que involucra la funci\\u00f3n pg_cancel_backend que se\\u00f1ala a los trabajadores en segundo plano, incluido el iniciador de replicaci\\u00f3n l\\u00f3gica, los trabajadores de autovacuum y el iniciador de autovacuum. La explotaci\\u00f3n exitosa requiere una extensi\\u00f3n no central con un trabajador en segundo plano menos resistente y afectar\\u00eda \\u00fanicamente a ese trabajador en segundo plano espec\\u00edfico. Este problema puede permitir que un usuario remoto con privilegios elevados lance un ataque de denegaci\\u00f3n de servicio (DoS).\"}]",
      "id": "CVE-2023-5870",
      "lastModified": "2024-11-21T08:42:40.697",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L\", \"baseScore\": 2.2, \"baseSeverity\": \"LOW\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 0.7, \"impactScore\": 1.4}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 4.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.7, \"impactScore\": 3.6}]}",
      "published": "2023-12-10T18:15:07.643",
      "references": "[{\"url\": \"https://access.redhat.com/errata/RHSA-2023:7545\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7579\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7580\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7581\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7616\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7656\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7666\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7667\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7694\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7695\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7714\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7770\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7772\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7784\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7785\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7883\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7884\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7885\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:0304\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:0332\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:0337\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2023-5870\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2247170\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://www.postgresql.org/support/security/CVE-2023-5870/\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7545\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7579\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7580\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7581\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7616\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7656\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7666\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7667\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7694\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7695\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7714\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7770\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7772\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7784\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7785\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7883\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7884\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7885\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:0304\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:0332\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:0337\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2023-5870\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2247170\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240119-0003/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://www.postgresql.org/support/security/CVE-2023-5870/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-400\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-5870\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2023-12-10T18:15:07.643\",\"lastModified\":\"2025-11-04T20:17:14.013\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una falla en PostgreSQL que involucra la funci\u00f3n pg_cancel_backend que se\u00f1ala a los trabajadores en segundo plano, incluido el iniciador de replicaci\u00f3n l\u00f3gica, los trabajadores de autovacuum y el iniciador de autovacuum. La explotaci\u00f3n exitosa requiere una extensi\u00f3n no central con un trabajador en segundo plano menos resistente y afectar\u00eda \u00fanicamente a ese trabajador en segundo plano espec\u00edfico. Este problema puede permitir que un usuario remoto con privilegios elevados lance un ataque de denegaci\u00f3n de servicio (DoS).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":2.2,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":0.7,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.7,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0\",\"versionEndExcluding\":\"11.22\",\"matchCriteriaId\":\"1D407A29-CAB0-425B-87B6-F2487FAE6B71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.0\",\"versionEndExcluding\":\"12.17\",\"matchCriteriaId\":\"13B24306-F52A-47E4-A7E4-EA7E46F850EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.0\",\"versionEndExcluding\":\"13.13\",\"matchCriteriaId\":\"AA77ED73-60C6-4666-9355-7C28CD774001\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0\",\"versionEndExcluding\":\"14.10\",\"matchCriteriaId\":\"7F2D30CB-C04F-4B6A-8E82-7DDC98B10D21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.0\",\"versionEndExcluding\":\"15.5\",\"matchCriteriaId\":\"E8883865-D864-497D-B39C-90D3ACC6A932\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"654E69F1-844B-4E32-9C3D-FA8032FB3A61\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"936B046D-ADEB-4701-8957-AC28CFA9C5C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56CE19E2-F92D-4C36-9319-E6CD4766D0D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"056DABF5-0C1D-4EBA-B02B-443BACB20D6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:8.6_aarch64:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02F08DBD-4BD0-408D-B817-04B2EB82137E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.0_aarch64:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDE46FD5-B415-49B7-BF2D-E76D068C3920\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.2_aarch64:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09AAD850-019A-46B8-A5A1-845DE048D30A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.0_s390x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4E39B04-D3E5-4106-8A8F-0C496FF9997F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86034E5B-BCDD-4AFD-A460-38E790F608F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F6967B4-C62B-4252-B5C3-50532B9EA3FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2ED1251-245C-4390-8964-DDCAD54A8957\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D7EE4B6-A6EC-4B9B-91DF-79615796673F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F6FB57C-2BC7-487C-96DD-132683AEB35D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C3741B8-851F-475D-B428-523F4F722350\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62C31522-0A17-4025-B269-855C7F4B45C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DDA3E5A-8754-4C48-9A27-E2415F8A6000\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C74F6FA-FA6C-4648-9079-91446E45EE47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F797F2E-00E6-4D03-A94E-524227529A0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.8_aarch64:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7F8A347-0ACE-40E4-BF7B-656D66DDB425\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32AF225E-94C0-4D07-900C-DD868C05F554\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B758EDC9-6421-422C-899E-A273D2936D8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22C65F53-D624-48A9-A9B7-4C78A31E19F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.0_s390x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CC06C2A-64A5-4302-B754-A4DC0E12FE7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26041661-0280-4544-AA0A-BC28FCED4699\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23D471AC-7DCA-4425-AD91-E5D928753A8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9C30C59-07F7-4CCE-B057-052ECCD36DB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F91F9255-4EE1-43C7-8831-D2B6C228BFD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62D3FD78-5B63-4A1B-B4EE-9B098844691E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99952557-C766-4B9E-8BF5-DBBA194349FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6897676D-53F9-45B3-B27F-7FF9A4C58D33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E28F226A-CBC7-4A32-BE58-398FA5B42481\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76C24D94-834A-4E9D-8F73-624AFA99AAA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F32CA554-F9D7-425B-8F1C-89678507F28C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B09ACF2D-D83F-4A86-8185-9569605D8EE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC10D919-57FD-4725-B8D2-39ECB476902F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1272DF03-7674-4BD4-8E64-94004B195448\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7545\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7579\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7580\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7581\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7616\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7656\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7666\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7667\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7694\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7695\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7714\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7770\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7772\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7784\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7785\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7883\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7884\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7885\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:0304\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:0332\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:0337\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2023-5870\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2247170\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.postgresql.org/support/security/CVE-2023-5870/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7545\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7579\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7580\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7581\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7616\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7656\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7666\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7667\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7694\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7695\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7714\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7770\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7772\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7784\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7785\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7883\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7884\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:7885\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:0304\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:0332\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:0337\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2023-5870\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2247170\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/11/msg00007.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20240119-0003/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.postgresql.org/support/security/CVE-2023-5870/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2023:7545\", \"name\": \"RHSA-2023:7545\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7579\", \"name\": \"RHSA-2023:7579\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7580\", \"name\": \"RHSA-2023:7580\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7581\", \"name\": \"RHSA-2023:7581\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7616\", \"name\": \"RHSA-2023:7616\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7656\", \"name\": \"RHSA-2023:7656\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7666\", \"name\": \"RHSA-2023:7666\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7667\", \"name\": \"RHSA-2023:7667\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7694\", \"name\": \"RHSA-2023:7694\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7695\", \"name\": \"RHSA-2023:7695\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7714\", \"name\": \"RHSA-2023:7714\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7770\", \"name\": \"RHSA-2023:7770\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7772\", \"name\": \"RHSA-2023:7772\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7784\", \"name\": \"RHSA-2023:7784\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7785\", \"name\": \"RHSA-2023:7785\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7883\", \"name\": \"RHSA-2023:7883\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7884\", \"name\": \"RHSA-2023:7884\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7885\", \"name\": \"RHSA-2023:7885\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:0304\", \"name\": \"RHSA-2024:0304\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:0332\", \"name\": \"RHSA-2024:0332\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:0337\", \"name\": \"RHSA-2024:0337\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2023-5870\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2247170\", \"name\": \"RHBZ#2247170\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240119-0003/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.postgresql.org/support/security/CVE-2023-5870/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00007.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-04T19:25:52.585Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-5870\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2023-12-19T19:42:25.492582Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-12-02T17:04:12.058Z\"}}], \"cna\": {\"title\": \"Postgresql: role pg_signal_backend can signal certain superuser processes.\", \"credits\": [{\"lang\": \"en\", \"value\": \"Upstream acknowledges Hemanth Sandrana and Mahendrakar Srinivasarao as the original reporters.\"}], \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Low\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 2.2, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.2::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security 4.2\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"4.2.4-6\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"advanced-cluster-security/rhacs-central-db-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.2::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security 4.2\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"4.2.4-6\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"advanced-cluster-security/rhacs-main-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.2::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security 4.2\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"4.2.4-7\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"advanced-cluster-security/rhacs-operator-bundle\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.2::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security 4.2\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"4.2.4-6\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"advanced-cluster-security/rhacs-scanner-db-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.2::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security 4.2\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"4.2.4-7\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"advanced-cluster-security/rhacs-scanner-db-slim-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8090020231114113712.a75119d5\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"postgresql:13\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8090020231128173330.a75119d5\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"postgresql:12\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8090020231114113548.a75119d5\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"postgresql:15\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_tus:8.2::appstream\", \"cpe:/a:redhat:rhel_aus:8.2::appstream\", \"cpe:/a:redhat:rhel_e4s:8.2::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.2 Advanced Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8020020231128165246.4cda2c84\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"postgresql:12\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_tus:8.2::appstream\", \"cpe:/a:redhat:rhel_aus:8.2::appstream\", \"cpe:/a:redhat:rhel_e4s:8.2::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.2 Telecommunications Update Service\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8020020231128165246.4cda2c84\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"postgresql:12\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_tus:8.2::appstream\", \"cpe:/a:redhat:rhel_aus:8.2::appstream\", \"cpe:/a:redhat:rhel_e4s:8.2::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8020020231128165246.4cda2c84\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"postgresql:12\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.4::appstream\", \"cpe:/a:redhat:rhel_e4s:8.4::appstream\", \"cpe:/a:redhat:rhel_tus:8.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8040020231127153301.522a0ee4\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"postgresql:12\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.4::appstream\", \"cpe:/a:redhat:rhel_e4s:8.4::appstream\", \"cpe:/a:redhat:rhel_tus:8.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8040020231127154806.522a0ee4\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"postgresql:13\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.4::appstream\", \"cpe:/a:redhat:rhel_e4s:8.4::appstream\", \"cpe:/a:redhat:rhel_tus:8.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.4 Telecommunications Update Service\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8040020231127153301.522a0ee4\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"postgresql:12\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.4::appstream\", \"cpe:/a:redhat:rhel_e4s:8.4::appstream\", \"cpe:/a:redhat:rhel_tus:8.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.4 Telecommunications Update Service\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8040020231127154806.522a0ee4\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"postgresql:13\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.4::appstream\", \"cpe:/a:redhat:rhel_e4s:8.4::appstream\", \"cpe:/a:redhat:rhel_tus:8.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8040020231127153301.522a0ee4\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"postgresql:12\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.4::appstream\", \"cpe:/a:redhat:rhel_e4s:8.4::appstream\", \"cpe:/a:redhat:rhel_tus:8.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8040020231127154806.522a0ee4\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"postgresql:13\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:8.6::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.6 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8060020231114115246.ad008a3a\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"postgresql:13\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:8.6::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.6 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8060020231128165328.ad008a3a\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"postgresql:12\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:8.8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.8 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8080020231114105206.63b34585\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"postgresql:13\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:8.8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.8 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8080020231128165335.63b34585\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"postgresql:12\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:8.8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.8 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8080020231113134015.63b34585\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"postgresql:15\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::crb\", \"cpe:/a:redhat:enterprise_linux:9::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:13.13-1.el9_3\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"postgresql\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"9030020231120082734.rhel9\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"postgresql:15\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.0::appstream\", \"cpe:/a:redhat:rhel_eus:9.0::crb\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.0 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:13.13-1.el9_0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"postgresql\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.2::crb\", \"cpe:/a:redhat:rhel_eus:9.2::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.2 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:13.13-1.el9_2\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"postgresql\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.2::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.2 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"9020020231115020618.rhel9\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"postgresql:15\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_software_collections:3::el7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Software Collections for Red Hat Enterprise Linux 7\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:12.17-1.el7\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rh-postgresql12-postgresql\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_software_collections:3::el7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Software Collections for Red Hat Enterprise Linux 7\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:13.13-1.el7\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rh-postgresql13-postgresql\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:3.74::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHACS-3.74-RHEL-8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"3.74.8-9\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"advanced-cluster-security/rhacs-central-db-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:3.74::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHACS-3.74-RHEL-8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"3.74.8-9\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"advanced-cluster-security/rhacs-main-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:3.74::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHACS-3.74-RHEL-8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"3.74.8-7\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"advanced-cluster-security/rhacs-operator-bundle\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:3.74::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHACS-3.74-RHEL-8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"3.74.8-9\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"advanced-cluster-security/rhacs-scanner-db-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:3.74::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHACS-3.74-RHEL-8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"3.74.8-9\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"advanced-cluster-security/rhacs-scanner-db-slim-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.1::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHACS-4.1-RHEL-8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"4.1.6-6\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"advanced-cluster-security/rhacs-central-db-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.1::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHACS-4.1-RHEL-8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"4.1.6-6\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"advanced-cluster-security/rhacs-main-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.1::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHACS-4.1-RHEL-8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"4.1.6-6\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"advanced-cluster-security/rhacs-operator-bundle\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.1::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHACS-4.1-RHEL-8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"4.1.6-6\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"advanced-cluster-security/rhacs-scanner-db-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.1::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHACS-4.1-RHEL-8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"4.1.6-6\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"advanced-cluster-security/rhacs-scanner-db-slim-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 6\", \"packageName\": \"postgresql\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7\", \"packageName\": \"postgresql\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"packageName\": \"postgresql:10/postgresql\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"packageName\": \"postgresql:16/postgresql\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"packageName\": \"postgresql:16/postgresql\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_software_collections:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Software Collections\", \"packageName\": \"rh-postgresql10-postgresql\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2023-10-31T00:00:00+00:00\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2023-11-09T00:00:00+00:00\", \"value\": \"Made public.\"}], \"datePublic\": \"2023-11-09T00:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2023:7545\", \"name\": \"RHSA-2023:7545\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7579\", \"name\": \"RHSA-2023:7579\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7580\", \"name\": \"RHSA-2023:7580\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7581\", \"name\": \"RHSA-2023:7581\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7616\", \"name\": \"RHSA-2023:7616\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7656\", \"name\": \"RHSA-2023:7656\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7666\", \"name\": \"RHSA-2023:7666\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7667\", \"name\": \"RHSA-2023:7667\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7694\", \"name\": \"RHSA-2023:7694\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7695\", \"name\": \"RHSA-2023:7695\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7714\", \"name\": \"RHSA-2023:7714\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7770\", \"name\": \"RHSA-2023:7770\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7772\", \"name\": \"RHSA-2023:7772\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7784\", \"name\": \"RHSA-2023:7784\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7785\", \"name\": \"RHSA-2023:7785\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7883\", \"name\": \"RHSA-2023:7883\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7884\", \"name\": \"RHSA-2023:7884\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:7885\", \"name\": \"RHSA-2023:7885\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:0304\", \"name\": \"RHSA-2024:0304\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:0332\", \"name\": \"RHSA-2024:0332\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:0337\", \"name\": \"RHSA-2024:0337\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2023-5870\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2247170\", \"name\": \"RHBZ#2247170\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/\"}, {\"url\": \"https://www.postgresql.org/support/security/CVE-2023-5870/\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2025-11-20T01:24:42.606Z\"}, \"x_redhatCweChain\": \"CWE-400: Uncontrolled Resource Consumption\"}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-5870\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-20T01:24:42.606Z\", \"dateReserved\": \"2023-10-31T03:56:58.366Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2023-12-10T17:58:30.213Z\", \"assignerShortName\": \"redhat\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.