Vulnerabilities > Postgresql > Postgresql > 9.4.9
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-05-12 | CVE-2017-7486 | Information Exposure vulnerability in Postgresql PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server. | 5.0 |
2017-05-12 | CVE-2017-7485 | Missing Encryption of Sensitive Data vulnerability in Postgresql In PostgreSQL 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3, it was found that the PGREQUIRESSL environment variable was no longer enforcing a SSL/TLS connection to a PostgreSQL server. | 4.3 |
2017-05-12 | CVE-2017-7484 | Information Exposure vulnerability in Postgresql It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. | 5.0 |