PT-2016-3442 · Postgresql · Postgresql

Adam Mariš · Published 2016-09-21 · Updated 2023-01-19 · CVE-2016-7048

CVSS v2.0: 9.3 High

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

PostgreSQL versions prior to 9.3.15
PostgreSQL versions 9.4.x prior to 9.4.10
PostgreSQL versions 9.5.x prior to 9.5.5

Description

The issue is in the interactive installer in PostgreSQL, which might allow remote attackers to execute arbitrary code. The installer uses HTTP to download software and performs no code integrity checks during the download process.

Recommendations

For versions prior to 9.3.15, update to version 9.3.15 or later.
For versions 9.4.x prior to 9.4.10, update to version 9.4.10 or later.
For versions 9.5.x prior to 9.5.5, update to version 9.5.5 or later.

Fix

Improper Access Control

Weakness Enumeration

Related Identifiers

BDU:2023-00904
CVE-2016-7048

Affected Products

Postgresql