Docker postgres version Vulnerability 

Issue date: 02-10-2024
Affects versions: 15.6, 15.5, 15.4, 14.6

Security Issue ID

SECURITY-549

 

Affected Product Version(s)

15.6.0, 14.7.21 (and previous patch releases)

 

Severity 

Medium

 

Description

CVE-2024-21742

Improper input validation allows for header injection in MIME4J library when using MIME4J DOM for composing message. This can be exploited by an attacker to add unintended headers to MIME messages.

CVSS v3 Base Score: N/A

CWE-20: Improper Input Validation

Instructions

Customers are recommended to upgrade to the latest version. As of the time of writing, 14.7.22, 15.7.0.