PT-2019-6375 · Postgresql+2 · Postgresql+2

Andreas Seltenreich

Published

2019-08-07

Updated

2026-01-30

CVE-2019-10209

CVSS v2.0

3.5

Low

Vector

AV:N/AC:M/Au:S/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Postgresql versions 11.x before 11.5

Description The issue is related to a memory disclosure in cross-type comparison for hashed subplan, which can allow a remote attacker to disclose protected information due to a buffer read beyond memory boundaries.

Recommendations For Postgresql versions 11.x before 11.5, update to version 11.5 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive data until the update can be applied.

Fix

Out of bounds Read

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-200

Related Identifiers

ALT-PU-2019-2383

ALT-PU-2019-2425

BDU:2023-04646

CLEANSTART-2026-FW42039

CLEANSTART-2026-HJ04971

CVE-2019-10209

DSA-4493-1

MGASA-2019-0225

OPENSUSE-SU-2024:11185-1

USN-4090-1

Affected Products

Alt Linux

Postgresql

Ubuntu

PT-2019-6375 · Postgresql+2 · Postgresql+2

CVE-2019-10209

Weakness Enumeration

Related Identifiers

Affected Products

References · 120