CVE-2019-10209 log
| Source |
|
| Severity | Low |
| Remote | Yes |
| Type | Information disclosure |
| Description | An issue has been found in PostgreSQL >= 11.0 and < 11.5. In a database containing hypothetical, user-defined hash equality operators, an attacker could read arbitrary bytes of server memory. For an attack to become possible, a superuser would need to create unusual operators. It is possible for operators not purpose-crafted for attack to have the properties that enable an attack, but we are not aware of specific examples. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-1019 | postgresql, postgresql-libs | 11.4-1 | 11.5-1 | Medium | Fixed |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 10 Aug 2019 | ASA-201908-8 | AVG-1019 | postgresql | Medium | multiple issues |
| 10 Aug 2019 | ASA-201908-7 | AVG-1019 | postgresql-libs | Medium | multiple issues |
| References |
|---|
https://www.postgresql.org/about/news/1960/ https://bugzilla.redhat.com/show_bug.cgi?id=1734447 |