pkg:Alpine/postgresql13

All known vulnerabilities

• HIGH8.8CVE-2023-39417Postgresql: extension script @substitutions@ within quoting allow sql injection
  from 0, < 13.12-r0
• HIGH8.8CVE-2022-1552postgresql-13 - security update
  from 0, < 13.7-r0
• HIGH8.8CVE-2021-32027postgresql-11 - security update
  from 0, < 13.3-r0
• HIGH8.1CVE-2021-23214postgresql-13 - security update
  from 0, < 13.5-r0
• HIGH8.0CVE-2024-0985PostgreSQL non-owner REFRESH MATERIALIZED VIEW CONCURRENTLY executes arbitrary SQL
  from 0, < 13.14-r0
• HIGH8.0CVE-2022-2625postgresql-11 - security update
  from 0, < 13.8-r0
• HIGH7.2CVE-2023-2454postgresql-13 - security update
  from 0, < 13.11-r0
• MEDIUM6.5CVE-2021-3677A flaw was found in postgresql.
  from 0, < 13.4-r0
• MEDIUM6.5CVE-2021-32028A flaw was found in postgresql.
  from 0, < 13.3-r0
• MEDIUM6.5CVE-2021-32029A flaw was found in postgresql.
  from 0, < 13.3-r0
• MEDIUM5.9CVE-2021-23222A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification…
  from 0, < 13.5-r0
• MEDIUM5.4CVE-2023-2455Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases w…
  from 0, < 13.11-r0
• MEDIUM4.3CVE-2023-39418Postgresql: merge fails to enforce update or select row security policies
  from 0, < 13.12-r0
• MEDIUM4.3CVE-2021-3393An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11.
  from 0, < 13.2-r0
• MEDIUM4.3CVE-2021-20229A flaw was found in PostgreSQL in versions before 13.2.
  from 0, < 13.2-r0
• LOW3.7CVE-2022-41862In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption.
  from 0, < 13.10-r0