VDB
OPENSUSE-SU-2020%3A1312-1
OPENSUSE-SU-2020%3A1312-1
PUBLISHED
CVSS 7.800000190734863 HIGH
This update for postgresql10 fixes the following issues: - update to 10.14: * CVE-2020-14349, bsc#1175193: Set a secure search_path in logical replication walsenders and apply workers * CVE-2020-14350, bsc#1175194: Make contrib modules' installation scripts more secure. * https://www.postgresql.org/docs/10/release-10-14.html This update was imported from the SUSE:SLE-15-SP1:Update update project.
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| openSUSE Leap 15.1 | ||
| postgresql10 |
Timeline
- Sep 1, 2020 CVE Published
- Apr 2, 2026 Security Advisory
References
- https://www.suse.com/support/security/rating/ url
- https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_1312-1.json advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JBQ6CL4MQALOVA7GHHQK6R3AD3MXSR5R/ advisory
- https://bugzilla.suse.com/1175193 advisory
- https://bugzilla.suse.com/1175194 advisory
- https://www.suse.com/security/cve/CVE-2020-14349/ advisory
- https://www.suse.com/security/cve/CVE-2020-14350/ advisory