Docker postgres version Vulnerability
Issue date: 02-10-2024Affects versions: 15.6, 15.5, 15.4, 14.6
Security Issue ID
SECURITY-549
Affected Product Version(s)
15.6.0, 14.7.21 (and previous patch releases)
Severity
Medium
Description
Improper input validation allows for header injection in MIME4J library when using MIME4J DOM for composing message. This can be exploited by an attacker to add unintended headers to MIME messages.
CVSS v3 Base Score: N/A
CWE-20: Improper Input Validation
Instructions
Customers are recommended to upgrade to the latest version. As of the time of writing, 14.7.22, 15.7.0.