CVE-2023-5868
Published: Dec 10, 2023
Modified: Mar 12, 2026
CVSS v3.1
4.3
Description
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory.
| Vendor | Product | Versions |
|---|---|---|
Red Hat | Red Hat Advanced Cluster Security 4.2 | unaffected 4.2.4-6 - < * |
Red Hat | Red Hat Advanced Cluster Security 4.2 | unaffected 4.2.4-6 - < * |
Red Hat | Red Hat Advanced Cluster Security 4.2 | unaffected 4.2.4-7 - < * |
Red Hat | Red Hat Advanced Cluster Security 4.2 | unaffected 4.2.4-6 - < * |
Red Hat | Red Hat Advanced Cluster Security 4.2 | unaffected 4.2.4-7 - < * |
Red Hat | Red Hat Enterprise Linux 8 | unaffected 8090020231114113712.a75119d5 - < * |
Red Hat | Red Hat Enterprise Linux 8 | unaffected 8090020231128173330.a75119d5 - < * |
Red Hat | Red Hat Enterprise Linux 8 | unaffected 8090020231114113548.a75119d5 - < * |
Red Hat | Red Hat Enterprise Linux 8.2 Advanced Update Support | unaffected 8020020231128165246.4cda2c84 - < * |
Red Hat | Red Hat Enterprise Linux 8.2 Telecommunications Update Service | unaffected 8020020231128165246.4cda2c84 - < * |
Red Hat | Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions | unaffected 8020020231128165246.4cda2c84 - < * |
Red Hat | Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | unaffected 8040020231127153301.522a0ee4 - < * |
Red Hat | Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | unaffected 8040020231127154806.522a0ee4 - < * |
Red Hat | Red Hat Enterprise Linux 8.4 Telecommunications Update Service | unaffected 8040020231127153301.522a0ee4 - < * |
Red Hat | Red Hat Enterprise Linux 8.4 Telecommunications Update Service | unaffected 8040020231127154806.522a0ee4 - < * |
Red Hat | Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | unaffected 8040020231127153301.522a0ee4 - < * |
Red Hat | Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | unaffected 8040020231127154806.522a0ee4 - < * |
Red Hat | Red Hat Enterprise Linux 8.6 Extended Update Support | unaffected 8060020231114115246.ad008a3a - < * |
Red Hat | Red Hat Enterprise Linux 8.6 Extended Update Support | unaffected 8060020231128165328.ad008a3a - < * |
Red Hat | Red Hat Enterprise Linux 8.8 Extended Update Support | unaffected 8080020231114105206.63b34585 - < * |
Red Hat | Red Hat Enterprise Linux 8.8 Extended Update Support | unaffected 8080020231128165335.63b34585 - < * |
Red Hat | Red Hat Enterprise Linux 8.8 Extended Update Support | unaffected 8080020231113134015.63b34585 - < * |
Red Hat | Red Hat Enterprise Linux 9 | unaffected 0:13.13-1.el9_3 - < * |
Red Hat | Red Hat Enterprise Linux 9 | unaffected 9030020231120082734.rhel9 - < * |
Red Hat | Red Hat Enterprise Linux 9.0 Extended Update Support | unaffected 0:13.13-1.el9_0 - < * |
Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support | unaffected 0:13.13-1.el9_2 - < * |
Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support | unaffected 9020020231115020618.rhel9 - < * |
Red Hat | Red Hat Software Collections for Red Hat Enterprise Linux 7 | unaffected 0:12.17-1.el7 - < * |
Red Hat | Red Hat Software Collections for Red Hat Enterprise Linux 7 | unaffected 0:13.13-1.el7 - < * |
Red Hat | RHACS-3.74-RHEL-8 | unaffected 3.74.8-9 - < * |
Red Hat | RHACS-3.74-RHEL-8 | unaffected 3.74.8-9 - < * |
Red Hat | RHACS-3.74-RHEL-8 | unaffected 3.74.8-7 - < * |
Red Hat | RHACS-3.74-RHEL-8 | unaffected 3.74.8-9 - < * |
Red Hat | RHACS-3.74-RHEL-8 | unaffected 3.74.8-9 - < * |
Red Hat | RHACS-4.1-RHEL-8 | unaffected 4.1.6-6 - < * |
Red Hat | RHACS-4.1-RHEL-8 | unaffected 4.1.6-6 - < * |
Red Hat | RHACS-4.1-RHEL-8 | unaffected 4.1.6-6 - < * |
Red Hat | RHACS-4.1-RHEL-8 | unaffected 4.1.6-6 - < * |
Red Hat | RHACS-4.1-RHEL-8 | unaffected 4.1.6-6 - < * |
Red Hat | Red Hat Enterprise Linux 6 | All versions |
Red Hat | Red Hat Enterprise Linux 7 | All versions |
Red Hat | Red Hat Enterprise Linux 8 | All versions |
Red Hat | Red Hat Enterprise Linux 8 | All versions |
Red Hat | Red Hat Enterprise Linux 9 | All versions |
Red Hat | Red Hat Software Collections | All versions |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now