CVE-2021-32029

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-32029

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-32029.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-32029

Aliases

BIT-postgresql-2021-32029

Downstream

ALPINE-CVE-2021-32029

DEBIAN-CVE-2021-32029

DSA-4915-1

RHSA-2021:2372

RHSA-2021:2375

RHSA-2021:2389

RHSA-2021:2394

RHSA-2021:2396

SUSE-SU-2021:1783-1

SUSE-SU-2021:1784-1

SUSE-SU-2021:1785-1

SUSE-SU-2021:1785-2

SUSE-SU-2021:1994-1

SUSE-SU-2022:2958-1

UBUNTU-CVE-2021-32029

USN-4972-1

openSUSE-SU-2021:1785-1

openSUSE-SU-2021:1994-1

openSUSE-SU-2024:11185-1

openSUSE-SU-2024:11186-1

openSUSE-SU-2024:11187-1

openSUSE-SU-2024:12387-1

openSUSE-SU-2024:13243-1

openSUSE-SU-2024:14360-1

Related

Published

2021-10-08T17:15:07Z

Modified

2025-10-10T03:18:21.702507Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

A flaw was found in postgresql. Using an UPDATE ... RETURNING command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality.

References

Affected packages

Git / git.postgresql.org/git/postgresql.git

Affected ranges

Type: GIT
Repo: https://git.postgresql.org/git/postgresql.git
Events: Introduced

19f20081df059fef87e14c8e953669bd173dd7f1

Fixed

fae98e3293de89f2fe8fc6e7c196d351378ce80e

Affected versions

Other

REL_11_0

REL_11_1

REL_11_10

REL_11_11

REL_11_2

REL_11_3

REL_11_4

REL_11_5

REL_11_6

REL_11_7

REL_11_8

REL_11_9