Postgresql Project PostgreSQL vulnerabilities

CVE-2019-10130 [MEDIUM] CWE-284 CVE-2019-10130: A vulnerability was found in PostgreSQL versions 11.x up to excluding 11.3, 10.x up to excluding 10. A vulnerability was found in PostgreSQL versions 11.x up to excluding 11.3, 10.x up to excluding 10.8, 9.6.x up to, excluding 9.6.13, 9.5.x up to, excluding 9.5.17. PostgreSQL maintains column statistics for tables. Certain statistics, such as histograms and lists of most common values, contain values taken from the column. PostgreSQL does not evalu

CVE-2019-10129 [MEDIUM] CWE-125 CVE-2019-10129: A vulnerability was found in postgresql versions 11 A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploit prerequisites are the same as for CVE-2018-1052).

CVE-2018-1052 [MEDIUM] CWE-200 CVE-2018-1052: Memory disclosure vulnerability in table partitioning was found in postgresql 10.x before 10.2, allo Memory disclosure vulnerability in table partitioning was found in postgresql 10.x before 10.2, allowing an authenticated attacker to read arbitrary bytes of server memory via purpose-crafted insert to a partitioned table.