Vulnerabilities > Postgresql > Postgresql > 10.15
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-31 | CVE-2022-1552 | Unspecified vulnerability in Postgresql A flaw was found in PostgreSQL. | 8.8 |
| 2022-08-25 | CVE-2021-43767 | Improper Certificate Validation vulnerability in Postgresql Odyssey passes to client unencrypted bytes from man-in-the-middle When Odyssey storage is configured to use the PostgreSQL server using 'trust' authentication with a 'clientcert' requirement or to use 'cert' authentication, a man-in-the-middle attacker can inject false responses to the client's first few queries. | 5.9 |
| 2022-08-18 | CVE-2022-2625 | A vulnerability was found in PostgreSQL. | 8.0 |
| 2022-03-04 | CVE-2021-23214 | When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. | 8.1 |
| 2022-03-02 | CVE-2021-23222 | Unspecified vulnerability in Postgresql A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption. | 5.9 |
| 2021-10-11 | CVE-2021-32028 | Unspecified vulnerability in Postgresql A flaw was found in postgresql. | 6.5 |
| 2021-06-01 | CVE-2021-32027 | A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. | 8.8 |
| 2021-04-01 | CVE-2021-3393 | An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. | 4.3 |
| 2019-04-01 | CVE-2019-9193 | OS Command Injection vulnerability in Postgresql In PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGRAM" function allows superusers and users in the 'pg_execute_server_program' group to execute arbitrary code in the context of the database's operating system user. | 7.2 |