Description
In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.
Remediation
References
Related Vulnerabilities
WordPress Plugin A.M.Y. Cross-Site Scripting (1.3.3)
OpenSSL Inadequate Encryption Strength Vulnerability (CVE-2020-1968)
WordPress Plugin Easy Social Icons Cross-Site Scripting (3.1.2)
Oracle JRE CVE-2020-2756 Vulnerability (CVE-2020-2756)
WordPress Plugin Video.js-HTML5 Video Player for Wordpress Cross-Site Scripting (4.5.0)