AVG-1956 log
| Package | postgresql |
| Status | Fixed |
| Severity | Medium |
| Type | multiple issues |
| Affected | 13.2-2 |
| Fixed | 13.3-1 |
| Current | 18.0-1 [extra] |
| Ticket | None |
| Created | Thu May 13 15:20:50 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-32029 | Medium | Yes | Information disclosure | A security issue was found in PostgreSQL before version 13.3. Using an UPDATE ... RETURNING on a purpose-crafted partitioned table, an attacker can read... |
| CVE-2021-32028 | Medium | Yes | Information disclosure | A security issue was found in PostgreSQL before version 13.3. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an attacker... |
| CVE-2021-32027 | Medium | Yes | Arbitrary code execution | A security issue was found in PostgreSQL before version 13.3. While modifying certain SQL array values, missing bounds checks let authenticated database... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 01 Jun 2021 | ASA-202106-15 | postgresql | multiple issues |