postgresql-upgrade vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the postgresql-upgrade package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
H CRLF Injection	<0:15.14-1.module+el9.6.0+23419+7863ab62
H Inclusion of Functionality from Untrusted Control Sphere	<0:15.14-1.module+el9.6.0+23419+7863ab62
L Exposure of Sensitive Information Through Metadata	*
M Buffer Over-read	*
H Improper Neutralization	<0:13.20-1.el9_5
H External Control of System or Configuration Setting	<0:13.18-1.el9_5
H Incorrect Privilege Assignment	<0:13.18-1.el9_5
H Improper Preservation of Consistency Between Independent Representations of Shared State	<0:13.18-1.el9_5
L Use of Less Trusted Source	*
H Time-of-check Time-of-use (TOCTOU)	<0:13.16-1.el9_4
L Missing Authorization	<0:16.4-1.module+el9.4.0+22207+8466e31f
H Privilege Dropping / Lowering Errors	<0:15.6-1.module+el9.3.0+21283+b0ea34b6
H Integer Overflow or Wraparound	<0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9
L Resource Exhaustion	<0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9
M Function Call With Incorrect Argument Type	<0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9
L Insufficient Granularity of Access Control	<0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9
H SQL Injection	<0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9
M Improper Input Validation	<0:15.3-1.module+el9.2.0.z+19113+6f5d9d63
M Improper Input Validation	<0:15.3-1.module+el9.2.0.z+19113+6f5d9d63
M Information Exposure	<0:13.10-1.el9_1
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<0:13.10-1.el9_1
H Incomplete Cleanup	<0:13.7-1.el9_0