CVE-2021-23214
- Source
- https://cve.org/CVERecord?id=CVE-2021-23214
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-23214.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2021-23214
- Aliases
- Downstream
- Related
- Published
- 2022-03-04T16:15:08.293Z
- Modified
- 2026-02-13T00:29:55.822842Z
- Severity
-
- 8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption.
- References
-
- https://git.postgresql.org/gitweb/?p=postgresql.git%3Ba=commit%3Bh=28e24125541545483093819efae9bca603441951
- https://bugzilla.redhat.com/show_bug.cgi?id=2022666
- https://github.com/postgres/postgres/commit/28e24125541545483093819efae9bca603441951
- https://security.gentoo.org/glsa/202211-04
- https://www.postgresql.org/support/security/CVE-2021-23214/
- https://bugzilla.redhat.com/show_bug.cgi?id=2022666
- https://bugzilla.redhat.com/show_bug.cgi?id=2022666
- https://github.com/postgres/postgres/commit/28e24125541545483093819efae9bca603441951
Affected packages
Git / github.com/postgres/postgres
Affected ranges
- Type
- GIT
- Repo
- https://github.com/postgres/postgres
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedIntroducedFixedIntroducedFixedIntroducedFixedIntroducedFixed
Affected versions
Other
REL_10_0
REL_10_1
REL_10_10
REL_10_11
REL_10_12
REL_10_13
REL_10_14
REL_10_15
REL_10_16
REL_10_17
REL_10_18
REL_10_2
REL_10_3
REL_10_4
REL_10_5
REL_10_6
REL_10_7
REL_10_8
REL_10_9
REL_11_0
REL_11_1
REL_11_10
REL_11_11
REL_11_12
REL_11_13
REL_11_2
REL_11_3
REL_11_4
REL_11_5
REL_11_6
REL_11_7
REL_11_8
REL_11_9
REL_12_0
REL_12_1
REL_12_2
REL_12_3
REL_12_4
REL_12_5
REL_12_6
REL_12_7
REL_12_8
REL_13_0
REL_13_1
REL_13_2
REL_13_3
REL_13_4
Database specific
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-23214.json"
vanir_signatures
[
{
"digest": {
"function_hash": "3811890202093623500044753568135729362",
"length": 6502.0
},
"signature_version": "v1",
"target": {
"file": "src/backend/postmaster/postmaster.c",
"function": "ProcessStartupPacket"
},
"signature_type": "Function",
"id": "CVE-2021-23214-105eea8c",
"source": "https://github.com/postgres/postgres/commit/28e24125541545483093819efae9bca603441951",
"deprecated": false
},
{
"digest": {
"line_hashes": [
"144879391767781558536346253203041229101",
"143909272608489929547646403088676984859",
"165740410277193971204068639552488249268",
"152409958841785490640372562688845117313",
"234706297917235548429385406617794107408",
"11828208314494370596831837586978750783"
],
"threshold": 0.9
},
"signature_version": "v1",
"target": {
"file": "src/backend/postmaster/postmaster.c"
},
"signature_type": "Line",
"id": "CVE-2021-23214-55642aa1",
"source": "https://github.com/postgres/postgres/commit/28e24125541545483093819efae9bca603441951",
"deprecated": false
},
{
"digest": {
"line_hashes": [
"257279594944366299067624145088475835974",
"188038483610294623053840785400255306180",
"333524964208957746553278214859551397688"
],
"threshold": 0.9
},
"signature_version": "v1",
"target": {
"file": "src/backend/libpq/pqcomm.c"
},
"signature_type": "Line",
"id": "CVE-2021-23214-a802c310",
"source": "https://github.com/postgres/postgres/commit/28e24125541545483093819efae9bca603441951",
"deprecated": false
},
{
"digest": {
"line_hashes": [
"269875017630651410691849837907292701499",
"126933090860823315927436042326420265172",
"127112800835486014972045098290616986500",
"168426345693575339352762023412076698426"
],
"threshold": 0.9
},
"signature_version": "v1",
"target": {
"file": "src/include/libpq/libpq.h"
},
"signature_type": "Line",
"id": "CVE-2021-23214-ee44c440",
"source": "https://github.com/postgres/postgres/commit/28e24125541545483093819efae9bca603441951",
"deprecated": false
}
]