all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

USN-6538-2: PostgreSQL vulnerabilities

Add to bookmarks
Jan. 17, 2024, 5:20 a.m. |

Ubuntu security notices ubuntu.com

USN-6538-1 fixed several vulnerabilities in PostgreSQL. This update provides
the corresponding updates for Ubuntu 18.04 LTS.

Original advisory details:

Jingzhou Fu discovered that PostgreSQL incorrectly handled certain unknown
arguments in aggregate function calls. A remote attacker could possibly use
this issue to obtain sensitive information. (CVE-2023-5868)

Pedro Gallegos discovered that PostgreSQL incorrectly handled modifying
certain SQL array values. A remote attacker could use this issue to obtain
sensitive information, or possibly execute arbitrary code. (CVE-2023-5869)

Hemanth Sandrana and Mahendrakar Srinivasarao …

advisory array attacker cve function information issue lts postgresql sensitive sensitive information sql ubuntu update updates usn vulnerabilities

Visit resource

More from ubuntu.com / Ubuntu security notices

USN-6754-1: nghttp2 vulnerabilities 2 days, 19 hours ago | ubuntu.com
attacker cve denial of service http +10
USN-6753-1: CryptoJS vulnerability 2 days, 21 hours ago | ubuntu.com
attacker configuration cryptographic default +11
USN-6751-1: Zabbix vulnerabilities 2 days, 21 hours ago | ubuntu.com
attacker attacks cross-site cross-site scripting (xss) attacks +11
USN-6752-1: FreeRDP vulnerabilities 3 days, 3 hours ago | ubuntu.com
attacker crash denial of service issue +7
USN-6750-1: Thunderbird vulnerabilities 3 days, 14 hours ago | ubuntu.com
arbitrary code attacker browsing bypass +19
USN-6743-3: Linux kernel (Azure) vulnerabilities 3 days, 19 hours ago | ubuntu.com
attacker azure bpf compromise +16
USN-6657-2: Dnsmasq vulnerabilities 3 days, 22 hours ago | ubuntu.com
advisory attacker dnsmasq dnssec +10
USN-6749-1: FreeRDP vulnerabilities 4 days ago | ubuntu.com
arbitrary code attacker code context +12
USN-6748-1: Sanitize vulnerabilities 4 days, 12 hours ago | ubuntu.com
attack attacker cross-site cve +9

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Lead Technical Product Manager - Threat Protection

@ Mastercard | Remote - United Kingdom
View on infosec-jobs.com

Data Privacy Officer

@ Banco Popular | San Juan, PR
View on infosec-jobs.com

GRC Security Program Manager

@ Meta | Bellevue, WA | Menlo Park, CA | Washington, DC | New York City
View on infosec-jobs.com

Cyber Security Engineer

@ ASSYSTEM | Warrington, United Kingdom
View on infosec-jobs.com

Privacy Engineer, Technical Audit

@ Meta | Menlo Park, CA
View on infosec-jobs.com
View more jobs