CVE-2013-1903
PostgreSQL < 9.2.4, 9.1.9, 9.0.13, 8.4.17, 8.3.23 - Superuser Password Exposure
Title source: llmDescription
PostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 incorrectly provides the superuser password to scripts related to "graphical installers for Linux and Mac OS X," which has unspecified impact and attack vectors.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
http://www.postgresql.org/about/news/1456/
Vendor Advisory x_refsource_confirm
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
Vendor Advisory x_refsource_confirm
http://www.postgresql.org/support/security/
Scores
EPSS
0.0055
EPSS Percentile
68.2%
Details
CWE
CWE-264
Status
published
Products (50)
postgresql/postgresql
9.2
postgresql/postgresql
9.2.1
postgresql/postgresql
9.2.2
postgresql/postgresql
9.2.3
postgresql/postgresql
9.1
postgresql/postgresql
9.1.1
postgresql/postgresql
9.1.2
postgresql/postgresql
9.1.3
postgresql/postgresql
9.1.4
postgresql/postgresql
9.1.5
... and 40 more
Published
Apr 04, 2013
Tracked Since
Feb 18, 2026