vulnerability

FreeBSD: PostgreSQL -- Security Fixes for Regular Expressions, PL/Java. (Multiple CVEs)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:L/Au:S/C:C/I:C/A:C)	Feb 8, 2016	Feb 17, 2016	Jul 28, 2025

Severity

CVSS

(AV:N/AC:L/Au:S/C:C/I:C/A:C)

Published

Feb 8, 2016

Added

Feb 17, 2016

Modified

Jul 28, 2025

Description

PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors.

Solutions

freebsd-upgrade-package-postgresql91-serverfreebsd-upgrade-package-postgresql92-serverfreebsd-upgrade-package-postgresql93-serverfreebsd-upgrade-package-postgresql94-serverfreebsd-upgrade-package-postgresql95-server

References

CVE-2016-0766
https://attackerkb.com/topics/CVE-2016-0766
CVE-2016-0773
https://attackerkb.com/topics/CVE-2016-0773
DEBIAN-DSA-3476

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today