Re: BUG #18193: CVE-2019-9193
Tom Lane <tgl@sss.pgh.pa.us>
From: Tom Lane <tgl@sss.pgh.pa.us>
To: sumanth.vankineni@gmail.com
Cc: pgsql-bugs@lists.postgresql.org
Date: 2023-11-13T15:20:30Z
Lists: pgsql-bugs
PG Bug reporting form <noreply@postgresql.org> writes: > Just wanted to give an update, I'm not sure if it's mentioned anywhere on > the website. The PostgreSQl version 13.7 is also vuln to the > CVE-2019-9193. > The CVE states only In PostgreSQL 9.3 through 11.2. Please see https://www.postgresql.org/about/news/cve-2019-9193-not-a-security-vulnerability-1935/ That CVE is erroneous in full, and so the fact that it also misstates relevant versions is hardly surprising. regards, tom lane