Your submission was sent successfully! Close

CVE-2016-0773

Published: 11 February 2016

PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a regular expression.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
postgresql-8.4
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was needs-triage)
trusty Does not exist

upstream Needs triage

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

postgresql-9.1
Launchpad, Ubuntu, Debian
precise
Released (9.1.20-0ubuntu0.12.04)
trusty Does not exist
(trusty was released [9.1.20-0ubuntu0.14.04])
upstream Needs triage

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

postgresql-9.3
Launchpad, Ubuntu, Debian
precise Does not exist

trusty
Released (9.3.11-0ubuntu0.14.04)
upstream Needs triage

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

postgresql-9.4
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream Needs triage

vivid Ignored
(reached end-of-life)
wily
Released (9.4.6-0ubuntu0.15.10)
xenial Does not exist

yakkety Does not exist

zesty Does not exist

postgresql-9.5
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream
Released (9.5.1)
vivid Does not exist

wily Does not exist

xenial Not vulnerable
(9.5.1-1)
yakkety Not vulnerable
(9.5.1-1)
zesty Does not exist