Max CVSS | 5.0 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-7485 | 4.3 |
In PostgreSQL 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3, it was found that the PGREQUIRESSL environment variable was no longer enforcing a SSL/TLS connection to a PostgreSQL server. An active Man-in-the-Midd
|
03-10-2019 - 00:03 | 12-05-2017 - 19:29 | |
CVE-2017-7484 | 5.0 |
It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, po
|
05-01-2018 - 02:31 | 12-05-2017 - 19:29 | |
CVE-2017-7486 | 5.0 |
PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server.
|
05-01-2018 - 02:31 | 12-05-2017 - 19:29 |