{"id":"CVE-2021-23222","details":"A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption.","aliases":["BIT-postgresql-2021-23222"],"modified":"2026-04-16T04:31:17.169298527Z","published":"2022-03-02T23:15:08.517Z","related":["ALSA-2022:1891","SUSE-SU-2021:3755-1","SUSE-SU-2021:3757-1","SUSE-SU-2021:3758-1","SUSE-SU-2021:3759-1","SUSE-SU-2021:3760-1","SUSE-SU-2021:3761-1","SUSE-SU-2021:3762-1","SUSE-SU-2021:4058-1","SUSE-SU-2022:2893-1","SUSE-SU-2022:2958-1","openSUSE-SU-2021:1584-1","openSUSE-SU-2021:3758-1","openSUSE-SU-2021:3759-1","openSUSE-SU-2021:3762-1","openSUSE-SU-2021:4058-1","openSUSE-SU-2024:11625-1","openSUSE-SU-2024:11626-1","openSUSE-SU-2024:11627-1","openSUSE-SU-2024:11628-1","openSUSE-SU-2024:11629-1","openSUSE-SU-2024:13243-1","openSUSE-SU-2024:14360-1","openSUSE-SU-2025:15580-1"],"references":[{"type":"WEB","url":"https://git.postgresql.org/gitweb/?p=postgresql.git%3Ba=commitdiff%3Bh=d83cdfdca9d918bbbd6bb209139b94c954da7228"},{"type":"ADVISORY","url":"https://www.postgresql.org/support/security/CVE-2021-23222/"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202211-04"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2022675"},{"type":"FIX","url":"https://github.com/postgres/postgres/commit/160c0258802d10b0600d7671b1bbea55d8e17d45"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/postgres/postgres","events":[{"introduced":"a721a1ba9cf6c86cb52f1bf325d5a27b64e870d6"},{"fixed":"a4116b8d5a4f68803452d8f1aa3f74f302049a90"},{"introduced":"5df0e99bea1c3e5fbffa7fbd0982da88ea149bb6"},{"fixed":"477008d10fb5a024038ed23f0beba901f1f47ae2"},{"introduced":"19f20081df059fef87e14c8e953669bd173dd7f1"},{"fixed":"7f05af399052dab32c28c253fa891dc1e8b4224b"},{"introduced":"ad1f2885b8c82e0c2d56d7974f012cbecce17a17"},{"fixed":"8a94efd9bb71c2d5473836ce4899aedb9b4cfb2e"},{"introduced":"29be9983a64c011eac0b9ee29895cce71e15ea77"},{"fixed":"084346ccee8ead6b387a90cdf6a29036ae9ec77e"},{"introduced":"0"},{"last_affected":"86a4dc1e6f29d1992a2afa3fac1a0b0a6e84568c"},{"fixed":"160c0258802d10b0600d7671b1bbea55d8e17d45"}],"database_specific":{"versions":[{"introduced":"9.6"},{"fixed":"9.6.24"},{"introduced":"10.0"},{"fixed":"10.19"},{"introduced":"11.0"},{"fixed":"11.14"},{"introduced":"12.0"},{"fixed":"12.9"},{"introduced":"13.0"},{"fixed":"13.5"},{"introduced":"0"},{"last_affected":"14.0"}]}}],"versions":["PG95-1_01","REL6_1","REL6_1_1","REL6_2","REL6_2_1","REL6_3","REL6_3_2","REL6_5","REL7_0","REL7_1","REL7_1_BETA","REL7_1_BETA2","REL7_1_BETA3","REL7_2","REL7_2_BETA1","REL7_2_BETA2","REL7_2_BETA3","REL7_2_BETA4","REL7_2_BETA5","REL7_2_RC1","REL7_2_RC2","REL7_4_BETA1","REL7_4_BETA2","REL7_4_BETA3","REL7_4_BETA4","REL7_4_BETA5","REL7_4_RC1","REL8_0_0","REL8_0_0BETA1","REL8_0_0BETA2","REL8_0_0BETA3","REL8_0_0BETA4","REL8_0_0BETA5","REL8_0_0RC1","REL8_0_0RC2","REL8_0_0RC3","REL8_0_0RC4","REL8_0_0RC5","REL8_1_0","REL8_1_0BETA1","REL8_1_0BETA2","REL8_1_0BETA3","REL8_1_0BETA4","REL8_1_0RC1","REL8_2_0","REL8_2_BETA1","REL8_2_BETA2","REL8_2_BETA3","REL8_2_RC1","REL8_3_0","REL8_3_BETA1","REL8_3_BETA2","REL8_3_BETA3","REL8_3_BETA4","REL8_3_RC1","REL8_3_RC2","REL8_4_0","REL8_4_BETA1","REL8_4_BETA2","REL8_4_RC1","REL8_4_RC2","REL9_0_ALPHA5","REL9_0_BETA1","REL9_0_BETA2","REL9_0_BETA3","REL9_1_ALPHA1","REL9_1_ALPHA2","REL9_1_ALPHA3","REL9_1_ALPHA4","REL9_1_ALPHA5","REL9_1_BETA1","REL9_1_BETA2","REL9_2_BETA1","REL9_2_BETA2","REL9_3_BETA1","REL9_4_BETA1","REL9_5_ALPHA1","REL9_6_0","REL9_6_1","REL9_6_10","REL9_6_11","REL9_6_12","REL9_6_13","REL9_6_14","REL9_6_15","REL9_6_16","REL9_6_17","REL9_6_18","REL9_6_19","REL9_6_2","REL9_6_20","REL9_6_21","REL9_6_22","REL9_6_23","REL9_6_3","REL9_6_4","REL9_6_5","REL9_6_6","REL9_6_7","REL9_6_8","REL9_6_9","REL9_6_BETA1","REL9_6_BETA2","REL9_6_BETA3","REL9_6_BETA4","REL_10_0","REL_10_1","REL_10_10","REL_10_11","REL_10_12","REL_10_13","REL_10_14","REL_10_15","REL_10_16","REL_10_17","REL_10_18","REL_10_2","REL_10_3","REL_10_4","REL_10_5","REL_10_6","REL_10_7","REL_10_8","REL_10_9","REL_10_BETA1","REL_10_BETA2","REL_10_BETA3","REL_11_0","REL_11_1","REL_11_10","REL_11_11","REL_11_12","REL_11_13","REL_11_2","REL_11_3","REL_11_4","REL_11_5","REL_11_6","REL_11_7","REL_11_8","REL_11_9","REL_11_BETA1","REL_11_BETA2","REL_12_0","REL_12_1","REL_12_2","REL_12_3","REL_12_4","REL_12_5","REL_12_6","REL_12_7","REL_12_8","REL_12_BETA1","REL_12_BETA2","REL_13_0","REL_13_1","REL_13_2","REL_13_3","REL_13_4","REL_13_BETA1","REL_14_0","REL_14_BETA1","REL_14_BETA2","REL_14_BETA3","REL_14_RC1","Release_1_0_2","Release_2_0","Release_2_0_0","release-6-3"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-23222.json","vanir_signatures":[{"digest":{"line_hashes":["10037443517696866748761392046871582022","325675312630126864791861414191520860108","248756423465337085234785710824740055381","219130724463359041405235398817575440371","18312600838351471896985731433715124179","29813103265162816138856506205737681509","248756423465337085234785710824740055381","219130724463359041405235398817575440371"],"threshold":0.9},"id":"CVE-2021-23222-e1be026c","source":"https://github.com/postgres/postgres/commit/160c0258802d10b0600d7671b1bbea55d8e17d45","signature_type":"Line","target":{"file":"src/interfaces/libpq/fe-connect.c"},"signature_version":"v1","deprecated":false},{"digest":{"length":22472,"function_hash":"218920273742902448943626208937972612244"},"id":"CVE-2021-23222-f5ed594b","source":"https://github.com/postgres/postgres/commit/160c0258802d10b0600d7671b1bbea55d8e17d45","signature_type":"Function","target":{"function":"PQconnectPoll","file":"src/interfaces/libpq/fe-connect.c"},"signature_version":"v1","deprecated":false}],"vanir_signatures_modified":"2026-04-11T13:53:57Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}