Vulnerabilities > Postgresql
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-04 | CVE-2021-23214 | SQL Injection vulnerability in multiple products When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. | 8.1 |
| 2022-03-02 | CVE-2021-23222 | Insufficiently Protected Credentials vulnerability in Postgresql A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption. | 5.9 |
| 2022-03-02 | CVE-2021-3677 | Information Exposure vulnerability in multiple products A flaw was found in postgresql. | 6.5 |
| 2022-02-02 | CVE-2022-21724 | Improper Initialization vulnerability in multiple products pgjdbc is the offical PostgreSQL JDBC Driver. | 9.8 |
| 2021-10-11 | CVE-2021-32028 | Unspecified vulnerability in Postgresql A flaw was found in postgresql. | 6.5 |
| 2021-10-08 | CVE-2021-32029 | Out-of-bounds Read vulnerability in multiple products A flaw was found in postgresql. | 4.0 |
| 2021-06-01 | CVE-2021-32027 | Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. | 8.8 |
| 2021-04-01 | CVE-2021-3393 | Information Exposure Through an Error Message vulnerability in multiple products An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. | 3.5 |
| 2021-03-19 | CVE-2019-10128 | Improper Access Control vulnerability in Postgresql A vulnerability was found in postgresql versions 11.x prior to 11.3. | 4.1 |
| 2021-03-19 | CVE-2019-10127 | Improper Access Control vulnerability in Postgresql A vulnerability was found in postgresql versions 11.x prior to 11.3. | 4.3 |