Lucene search
Redhat.comRH:CVE-2021-23214HistoryApr 26, 2022 - 10:23 p.m.
CVE-2021-23214
2022-04-2622:23:51
redhat.com
access.redhat.com
15
0.002 Low
EPSS
Percentile
57.0%
It was found that a PostgreSQL server could accept plain text data during the establishment of an SSL connection. When a user is requesting a certificate based authentication, an active Person in the Middle could use this flaw in order to inject arbitrary SQL commands.
Related
almalinux
almalinux
Moderate: postgresql:10 security update
2022-05-10 08:03:34
Moderate: postgresql:12 security update
2021-12-21 09:10:31
Moderate: postgresql:13 security update
2021-12-21 09:10:35
osv
osv
BIT-postgresql-2021-23214
2024-03-06 11:05:31
CVE-2021-23214
2022-03-04 16:15:08
Moderate: postgresql:10 security update
2022-05-10 08:03:34
amazon
amazon
Medium: postgresql93
2023-01-18 20:56:00
Medium: postgresql92
2023-01-18 20:56:00
Medium: postgresql
2023-02-17 00:11:00
cbl_mariner
cbl_mariner
CVE-2021-23214 affecting package postgresql for versions less than 14.2-1
2022-04-26 20:17:02
CVE-2021-23214 affecting package postgresql 12.8-1
2022-03-19 16:40:54
ibm
ibm
Security Bulletin: Due to use of PostgreSQL, IBM Robotic Process Automation with Automation Anywhere is vulnerable to SQL injection (CVE-2021-23214)
2022-04-01 15:08:28
nessus
nessus
Rocky Linux 8 : postgresql:10 (RLSA-2022:1830)
2023-11-06 00:00:00
Amazon Linux 2 : postgresql (ALAS-2023-1949)
2023-02-23 00:00:00
Amazon Linux AMI : postgresql92 (ALAS-2023-1657)
2023-01-24 00:00:00
oraclelinux
oraclelinux
postgresql:10 security update
2022-05-17 00:00:00
postgresql:12 security update
2021-12-22 00:00:00
postgresql:13 security update
2021-12-22 00:00:00
veracode
veracode
Man-in-the-Middle (MitM)
2021-11-14 07:40:11
rocky
rocky
postgresql:10 security update
2022-05-10 08:03:34
postgresql:12 security update
2021-12-21 09:10:31
postgresql:13 security update
2021-12-21 09:10:35
cvelist
cvelist
CVE-2021-23214
2022-03-04 00:00:00
CVE-2021-43766
2022-08-25 17:27:31
redhat
redhat
(RHSA-2022:1830) Moderate: postgresql:10 security update
2022-05-10 08:03:34
(RHSA-2021:5235) Moderate: postgresql:12 security update
2021-12-21 09:10:31
(RHSA-2021:5236) Moderate: postgresql:13 security update
2021-12-21 09:10:35
cve
cve
CVE-2021-23214
2022-03-04 16:15:00
CVE-2021-43766
2022-08-25 18:15:00
prion
prion
Sql injection
2022-03-04 16:15:00
Sql injection
2022-08-25 18:15:00
alpinelinux
alpinelinux
CVE-2021-23214
2022-03-04 16:15:00
debiancve
debiancve
CVE-2021-23214
2022-03-04 16:15:00
ubuntucve
ubuntucve
CVE-2021-23214
2021-11-11 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package postgresql15-1C version 13.3-alt5
2021-11-10 00:00:00
Security fix for the ALT Linux 8 package postgresql9.6 version 9.6.24-alt0.M80P.1
2021-12-21 00:00:00
Security fix for the ALT Linux 10 package postgresql12 version 12.9-alt1
2021-11-23 00:00:00
freebsd
freebsd
PostgreSQL -- Possible man-in-the-middle attacks
2021-11-08 00:00:00
openvas
openvas
openSUSE: Security Advisory for postgresql10 (openSUSE-SU-2021:1584-1)
2022-02-08 00:00:00
Ubuntu: Security Advisory (USN-5645-1)
2022-09-29 00:00:00
Debian: Security Advisory (DLA-2817-1)
2021-11-18 00:00:00
redos
redos
ROS-20220125-13
2022-01-25 00:00:00
mageia
mageia
Updated postgresql packages fix security vulnerability
2021-11-25 16:06:13
github
github
PostgresNIO processes unencrypted bytes from man-in-the-middle
2023-05-10 19:20:16
fedora
fedora
[SECURITY] Fedora 35 Update: pgbouncer-1.16.1-1.fc35
2021-12-31 01:21:38
gentoo
gentoo
PostgreSQL: Multiple Vulnerabilities
2022-11-19 00:00:00
hp
hp
HP Device Manager Vulnerability Update (5.0.12)
2024-01-26 00:00:00