CLSA-2026-1774460378

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1774460378.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1774460378

Upstream

CVE-2024-10979

CVE-2024-7348

CVE-2025-1094

CVE-2025-8714

Published

2026-03-25T17:39:43Z

Modified

2026-06-01T00:33:28.165346999Z

Summary

postgresql11: Fix of 4 CVEs

Details

Fix CVE-2025-1094: Improper neutralization of quoting syntax in libpq escape functions allowing SQL injection.
Fix CVE-2024-7348: TOCTOU race condition in pg_dump allows arbitrary SQL function execution via view/foreign table replacement.
Fix CVE-2024-10979: Block environment variable mutations from trusted PL/Perl to prevent arbitrary code execution by unprivileged users.
Fix CVE-2025-8714: Restrict psql meta-commands in plain-text dumps to prevent restore-time code injection.

References

https://errata.tuxcare.com/els_os/rhel7els/CLSA-2026-1774460378.html

Affected packages

TuxCare:RHEL:7

postgresql11

Package

Name: postgresql11
Purl: pkg:rpm/tuxcare/postgresql11?distro=rhel-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11.22-1.el7.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1774460378.json"

postgresql11-contrib

Package

Name: postgresql11-contrib
Purl: pkg:rpm/tuxcare/postgresql11-contrib?distro=rhel-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11.22-1.el7.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1774460378.json"

postgresql11-devel

Package

Name: postgresql11-devel
Purl: pkg:rpm/tuxcare/postgresql11-devel?distro=rhel-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11.22-1.el7.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1774460378.json"

postgresql11-docs

Package

Name: postgresql11-docs
Purl: pkg:rpm/tuxcare/postgresql11-docs?distro=rhel-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11.22-1.el7.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1774460378.json"

postgresql11-libs

Package

Name: postgresql11-libs
Purl: pkg:rpm/tuxcare/postgresql11-libs?distro=rhel-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11.22-1.el7.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1774460378.json"

postgresql11-plperl

Package

Name: postgresql11-plperl
Purl: pkg:rpm/tuxcare/postgresql11-plperl?distro=rhel-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11.22-1.el7.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1774460378.json"

postgresql11-plpython

Package

Name: postgresql11-plpython
Purl: pkg:rpm/tuxcare/postgresql11-plpython?distro=rhel-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11.22-1.el7.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1774460378.json"

postgresql11-pltcl

Package

Name: postgresql11-pltcl
Purl: pkg:rpm/tuxcare/postgresql11-pltcl?distro=rhel-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11.22-1.el7.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1774460378.json"

postgresql11-server

Package

Name: postgresql11-server
Purl: pkg:rpm/tuxcare/postgresql11-server?distro=rhel-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11.22-1.el7.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1774460378.json"

postgresql11-server-devel

Package

Name: postgresql11-server-devel
Purl: pkg:rpm/tuxcare/postgresql11-server-devel?distro=rhel-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11.22-1.el7.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1774460378.json"

postgresql11-static

Package

Name: postgresql11-static
Purl: pkg:rpm/tuxcare/postgresql11-static?distro=rhel-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11.22-1.el7.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1774460378.json"

postgresql11-test

Package

Name: postgresql11-test
Purl: pkg:rpm/tuxcare/postgresql11-test?distro=rhel-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11.22-1.el7.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1774460378.json"

postgresql11-test-rpm-macros

Package

Name: postgresql11-test-rpm-macros
Purl: pkg:rpm/tuxcare/postgresql11-test-rpm-macros?distro=rhel-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11.22-1.el7.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1774460378.json"

postgresql11-upgrade

Package

Name: postgresql11-upgrade
Purl: pkg:rpm/tuxcare/postgresql11-upgrade?distro=rhel-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11.22-1.el7.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1774460378.json"

postgresql11-upgrade-devel

Package

Name: postgresql11-upgrade-devel
Purl: pkg:rpm/tuxcare/postgresql11-upgrade-devel?distro=rhel-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11.22-1.el7.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1774460378.json"