Heikki Linnakangas

**Name of the Vulnerable Software and Affected Versions** PostgreSQL versions 18.0 and 18.1 **Description** A heap buffer overflow exists in PostgreSQL's pg trgm component. A database user can exploit this issue with a crafted input string, potentially leading to unknown impacts, including possible privilege escalation. The attacker has limited control over the data written to memory. **Recommendations** Update PostgreSQL to a version beyond 18.1.

**Name of the Vulnerable Software and Affected Versions** postgresql versions prior to 13.2 postgresql versions prior to 12.6 postgresql versions prior to 11.11 **Description** An information leak was discovered in postgresql. A user with UPDATE permission but not SELECT permission to a particular column could craft queries that might disclose values from that column in error messages under certain circumstances. This could allow an attacker to obtain information stored in a column they are allowed to write but not read. **Recommendations** For versions prior to 13.2, update to version 13.2 or later to resolve the issue. For versions prior to 12.6, update to version 12.6 or later to resolve the issue. For versions prior to 11.11, update to version 11.11 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** PostgreSQL versions prior to 9.1.23 PostgreSQL versions 9.2.x prior to 9.2.18 PostgreSQL versions 9.3.x prior to 9.3.14 PostgreSQL versions 9.4.x prior to 9.4.9 PostgreSQL versions 9.5.x prior to 9.5.4 **Description** The issue allows remote authenticated users to cause a denial of service, obtain sensitive memory information, or possibly execute arbitrary code. This can be achieved through a CASE expression within the test value subexpression of another CASE or inlining of an SQL function that implements the equality operator used for a CASE expression involving values of different types. Certain nested CASE/WHEN expressions can also crash the server. **Recommendations** For PostgreSQL versions prior to 9.1.23, update to version 9.1.23 or later. For PostgreSQL versions 9.2.x prior to 9.2.18, update to version 9.2.18 or later. For PostgreSQL versions 9.3.x prior to 9.3.14, update to version 9.3.14 or later. For PostgreSQL versions 9.4.x prior to 9.4.9, update to version 9.4.9 or later. For PostgreSQL versions 9.5.x prior to 9.5.4, update to version 9.5.4 or later. As a temporary workaround, consider avoiding the use of nested CASE/WHEN expressions until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** PostgreSQL versions 8.4.x through 8.4.10 PostgreSQL versions 9.0.x through 9.0.6 PostgreSQL versions 9.1.x through 9.1.2 **Description** The issue allows remote attackers to spoof connections when the host name is exactly 32 characters, due to the truncation of the common name to only 32 characters in SSL certificate verification. This can occur under certain circumstances, particularly when using third-party certificate authorities. **Recommendations** For PostgreSQL versions 8.4.x through 8.4.10, update to version 8.4.11 or later. For PostgreSQL versions 9.0.x through 9.0.6, update to version 9.0.7 or later. For PostgreSQL versions 9.1.x through 9.1.2, update to version 9.1.3 or later.