CyberSec.Space Logo
Back to CVE Browser

CVE-2019-10211

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1050%
EPSS Percentile30.33th
PublishedOct 29, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via bundled OpenSSL executing code from unprotected directory.

Affected Platforms (CPE)

πŸ“¦
Postgresql

Postgresql

< 9.4.24
πŸ“¦
Postgresql

Postgresql

>= 9.5.0 and < 9.5.19
πŸ“¦
Postgresql

Postgresql

>= 9.6.0 and < 9.6.15
πŸ“¦
Postgresql

Postgresql

>= 10.0 and < 10.10
πŸ“¦
Postgresql

Postgresql

>= 11.0 and < 11.5

References & Advisories

πŸ”— https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10211
πŸ”— https://www.postgresql.org/about/news/1960/
πŸ”— https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10211
πŸ”— https://www.postgresql.org/about/news/1960/

Related Vulnerabilities

CVE-2003-050010.0

SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote a...

CVE-2005-365610.0

Multiple format string vulnerabilities in logging functions in mod_auth_pgsql before 2.0.3, when used for user authentication agai...

CVE-2002-139910.0

Unknown vulnerability in cash_out and possibly other functions in PostgreSQL 7.2.1 and earlier, and possibly later versions before...

CVE-2007-327910.0

PostgreSQL 8.1 and probably later versions, when the PL/pgSQL (plpgsql) language has been created, grants certain plpgsql privileg...