ubuntu · CVE-2016-0766

Quick triage

Priority: medium Published: 2016-02-11 00:00:00 UTC Updated: 2025-08-25 21:50:59 UTC

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2016-0766 medium priority: Ubuntu including 5 source packages (postgresql-8.4, postgresql-9.1, postgresql-9.3, postgresql-9.4, postgresql-9.5), 40 status rows across 8 suites (precise, trusty, upstream, vivid, wily, xenial, yakkety, zesty): DNE 27, released 6, needs-triage 3, ignored 2, not-affected 2.

Description:

PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors.

cvelogic Threat Intelligence