PT-2023-6890 · Unknown+11 · Postgresql+10

Jingzhou Fu

Published

2023-11-08

Updated

2026-04-03

CVE-2023-5868

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions PostgreSQL (affected versions not specified)

Description A memory disclosure issue was found in PostgreSQL, allowing remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. This occurs due to excessive data output in these function calls, enabling remote users to read some portion of system memory. Handling 'unknown'-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-686CWE-200

Related Identifiers

ALSA-2023:7581

ALSA-2023:7714

ALSA-2023:7784

ALSA-2023:7785

ALSA-2023:7884

ALT-PU-2023-7057

ALT-PU-2023-7058

ALT-PU-2023-7059

ALT-PU-2023-7060

ALT-PU-2023-7061

ALT-PU-2023-7062

ALT-PU-2023-7081

ALT-PU-2023-7082

ALT-PU-2023-7083

ALT-PU-2023-7086

ALT-PU-2023-7087

ALT-PU-2023-7088

ALT-PU-2023-7089

ALT-PU-2023-7090

ALT-PU-2023-7207

ALT-PU-2023-7479

ALT-PU-2023-7480

ALT-PU-2023-7481

ALT-PU-2023-8221

ALT-PU-2023-8222

ALT-PU-2023-8223

ALT-PU-2023-8224

ALT-PU-2023-8225

ALT-PU-2023-8226

AZL-32106

BDU:2023-07905

BIT-POSTGRESQL-2023-5868

CESA-2023_7581

CESA-2023_7714

CESA-2023_7884

CVE-2023-5868

DLA-3651-1

DSA-5553-1

DSA-5554-1

ECHO-9641-250D-E23F

JLSEC-2026-43

MGASA-2023-0324

OESA-2024-2428

OESA-2025-1335

OPENSUSE-SU-2023_4454-1

OPENSUSE-SU-2023_4455-1

OPENSUSE-SU-2023_4479-1

OPENSUSE-SU-2023_4495-1

OPENSUSE-SU-2024:13408-1

OPENSUSE-SU-2024:13409-1

OPENSUSE-SU-2024:13410-1

OPENSUSE-SU-2024:13413-1

OPENSUSE-SU-2024:13414-1

OPENSUSE-SU-2024:13668-1

OPENSUSE-SU-2025:15580-1

RHSA-2023:7545

RHSA-2023:7579

RHSA-2023:7580

RHSA-2023:7581

RHSA-2023:7616

RHSA-2023:7656

RHSA-2023:7666

RHSA-2023:7667

RHSA-2023:7694

RHSA-2023:7695

RHSA-2023:7714

RHSA-2023:7770

RHSA-2023:7772

RHSA-2023:7784

RHSA-2023:7785

RHSA-2023:7883

RHSA-2023:7884

RHSA-2023:7885

RHSA-2023_7581

RHSA-2023_7714

RHSA-2023_7784

RHSA-2023_7785

RHSA-2023_7884

RLSA-2023:7581

RLSA-2023:7714

RLSA-2023:7785

ROSA-SA-2024-2484

ROSA-SA-2024-2485

ROSA-SA-2024-2486

ROSA-SA-2025-2665

ROSA-SA-2025-2666

SUSE-SU-2023:4418-1

SUSE-SU-2023:4425-1

SUSE-SU-2023:4433-1

SUSE-SU-2023:4434-1

SUSE-SU-2023:4454-1

SUSE-SU-2023:4455-1

SUSE-SU-2023:4479-1

SUSE-SU-2023:4495-1

SUSE-SU-2023_4418-1

SUSE-SU-2023_4425-1

SUSE-SU-2023_4433-1

SUSE-SU-2023_4434-1

SUSE-SU-2023_4454-1

SUSE-SU-2023_4455-1

SUSE-SU-2023_4479-1

SUSE-SU-2023_4495-1

SUSE-SU-2024:0106-1

SUSE-SU-2024_0106-1

USN-6538-1

USN-6538-2

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Linuxmint

Postgresql

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

PT-2023-6890 · Unknown+11 · Postgresql+10

CVE-2023-5868

Weakness Enumeration

Related Identifiers

Affected Products

References · 188