Several vulnerabilities have been discovered in PostgreSQL, a database server. The Common Vulnerabilities and Exposures project identifies the following problems:

It was discovered that PostgreSQL did not properly verify the Common Name attribute in X.509 certificates, enabling attackers to bypass the (optional) TLS protection on client-server connections, by relying on a certificate from a trusted CA which contains an embedded NUL byte in the Common Name (CVE-2009-4034)...

Read More