Vulnerabilities > Postgresql > Postgresql > 9.6.15
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-08-24 | CVE-2020-14350 | Untrusted Search Path vulnerability in multiple products It was found that some PostgreSQL extensions did not use search_path safely in their installation script. | 7.3 |
2020-03-17 | CVE-2020-1720 | Missing Authorization vulnerability in multiple products A flaw was found in PostgreSQL's "ALTER ... | 6.5 |
2019-04-01 | CVE-2019-9193 | OS Command Injection vulnerability in Postgresql In PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGRAM" function allows superusers and users in the 'pg_execute_server_program' group to execute arbitrary code in the context of the database's operating system user. | 7.2 |