Main Vulnerability Database Vulnerabilities #VU111782

Input validation error in PostgreSQL - CVE-2007-0555

Published: January 19, 2023 / Updated: June 23, 2025

Vulnerability identifier: #VU111782

CSH Severity: High

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2007-0555

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: PostgreSQL Global Development Group

Affected software:
PostgreSQL

Detailed vulnerability description

The vulnerability allows a remote user to read data or crash the application.

PostgreSQL 7.3 before 7.3.13, 7.4 before 7.4.16, 8.0 before 8.0.11, 8.1 before 8.1.7, and 8.2 before 8.2.2 allows attackers to disable certain checks for the data types of SQL function arguments, which allows remote authenticated users to cause a denial of service (server crash) and possibly access database content.

How to mitigate CVE-2007-0555

Install update from vendor's website.

Input validation error in PostgreSQL - CVE-2007-0555

Detailed vulnerability description

How to mitigate CVE-2007-0555

Sources

Please verify you're human