CVE-2017-7546: postgresql: Empty password accepted in some authentication methods

Severity: Critical

CVSS Score: 9.8

PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allowing remote attackers to gain access to database accounts with an empty password.