Software Detail

Software Informaton Top

->

->

Software Detail

PostgreSQL

Number Of NVD

154

CRITICAL

7

HIGH

63

MEDIUM

77

LOW

7

URL	https://www.postgresql.org/
Explanation	PostgreSQL is an object-relational database management system (ORDBMS) based on POSTGRES, Version 4.2, developed by the Department of Computer Science at the University of California, Berkeley. Extracted from [https://www.postgresql.jp/document/11/html/intro-whatis.html] From version 10 onwards, the integer part represents major versions and the decimal part represents minor updates. Every year, a major version including new features is released. Minor releases with bugs and security fixes will be released at least once every three months, if necessary. Unscheduled releases will be made for urgent security issues. Support is provided for five years after the major version is released.
Tag	オープンソース PostgreSQL Licence 商用ライセンス有り

Add Information URL

No	Type	Name	URL
1			https://www.postgresql.org/support/versioning/
2			https://wiki.postgresql.org/wiki/Main_Page
3			https://www.postgresql.jp/
4			https://www.postgresql.org/download/

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Security Support Service Pack Support	Extended for a fee	Critical	High	Medium	Low
151	PostgreSQL 16	16.11	Nov. 13, 2025	Sept. 14, 2023	Sept. 9, 2028			0	2	2	0
152	PostgreSQL 15	15.15	Nov. 13, 2025	Jan. 13, 2022	Nov. 11, 2027			0	6	4	1
153	PostgreSQL 14	14.20	Nov. 13, 2025	May 15, 2021	Nov. 12, 2026			0	8	5	1
154	PostgreSQL 13	13.23	Nov. 13, 2025	Sept. 24, 2020	Nov. 23, 2025			0	12	10	1
155	PostgreSQL 12	12.22	Nov. 21, 2024	Oct. 3, 2019	Nov. 14, 2024			0	15	11	1
156	PostgreSQL 11	11.22	Nov. 9, 2023	Oct. 18, 2018	Nov. 9, 2023			2	19	12	1
157	PostgreSQL 10	10.23	Nov. 10, 2022	Oct. 5, 2017	Nov. 10, 2022			3	21	9	0
158	PostgreSQL 9	9.6.24		Sept. 20, 2010	Oct. 8, 2015			6	39	37	0
159	PostgreSQL 8	8.0.9		Jan. 19, 2005	July 24, 2014			4	31	48	3
160	PostgreSQL 7	7.0.3		May 8, 2000	May 8, 2005			4	31	38	4
161	PostgreSQL 6	6.5.3	Jan. 29, 1997		June 9, 2004			4	21	20	2
162	PostgreSQL 1	1.09	Nov. 4, 1996		Jan. 1, 2000			4	21	22	1
163	PostgreSQL -	-						4	17	14	1

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	or higher	or less	more than	less than	Update date Published date	Show Affected	Exploit PoC Search
151	- 4.6	MEDIUM	Buffer overflows in PostgreSQL 7.2 allow attackers to cause a denial of service and possibly execute arbitrary code via long arguments to the functions (1) lpad or (2) rpad.	NVD-CWE-Other	CVE-2002-0972	cpe:2.3:a:postgresql:postgresql:7.2:* cpe:2.3:a:postgresql:postgresql:7.2.1:* cpe:2.3:a:postgresql:postgresql:7.1…					2016-10-18 11:23 2002-09-24	Show	GitHub Exploit DB Packet Storm

152	- 7.5	HIGH	The multibyte support in PostgreSQL 6.5.x with SQL_ASCII encoding consumes an extra character when processing a character that cannot be converted, which could remove an escape character from the que…	NVD-CWE-Other	CVE-2002-0802	cpe:2.3:a:postgresql:postgresql:6.5.0:*					2016-10-18 11:21 2002-08-12	Show	GitHub Exploit DB Packet Storm

153	- 4.6	MEDIUM	PostgreSQL stores usernames and passwords in plaintext in (1) pg_shadow and (2) pg_pwd, which allows attackers with sufficient privileges to gain access to databases.	NVD-CWE-Other	CVE-2000-1199	cpe:2.3:a:postgresql:postgresql:6.5.3:* cpe:2.3:a:postgresql:postgresql:6.3.2:*					2017-12-19 11:29 2001-08-31	Show	GitHub Exploit DB Packet Storm

154	- 2.1	LOW	Insecure directory permissions in RPM distribution for PostgreSQL allows local users to gain privileges by reading a plaintext password file.	NVD-CWE-Other	CVE-1999-0862	cpe:2.3:a:postgresql:postgresql:6.5.3:* cpe:2.3:a:postgresql:postgresql:6.5.3.1:* cpe:2.3:a:postgresql:postgresql…					2022-08-17 17:15 1999-12-2	Show	GitHub Exploit DB Packet Storm