Computer Security
[EN] no-pyccku

PostgreSQL security vulnerabilities
SecurityVulns ID:14731
Threat Level:
Description:Information disclosure, DoS.
Affected:POSTGRES : PostgreSQL 9.4
CVE:CVE-2015-5289 (Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service (server crash) via unspecified vectors, which are not properly handled in (1) json or (2) jsonb values.)
 CVE-2015-5288 (The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and 9.4.x before 9.4.5 allows attackers to cause a denial of service (server crash) or read arbitrary server memory via a "too-short" salt.)
Original documentdocumentUBUNTU, [USN-2772-1] PostgreSQL vulnerabilities (19.10.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod