Msrc Cm1 Postgresql 12.7-2 On Cbl Mariner 1.0 vulnerabilities

CVE-2021-23214 [HIGH] CWE-89 When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established despite the use of SSL certificate verification and

CVE-2021-23222 [MEDIUM] CWE-522 A man-in-the-middle attacker can inject false responses to the client's first few queries despite the use of SSL certificate verification and encryption. A man-in-the-middle attacker can inject false responses to the client's first few queries despite the use of SSL certificate verification and encryption. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the m