A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user’s objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not at all during the process. This flaw allows an attacker with permission to create non-temporary objects in at least one schema to execute arbitrary SQL functions under a superuser identity. More at: https://www.postgresql.org/support/security/CVE-2022-1552/

Products Confirmed Not Affected

Brocade Fabric OS is NOT AFFECTED
Brocade ASCG is NOT AFFECTED
Brocade SANNav is UNDER INVESTIGATION

nessus 61

debian 2

oraclelinux 5

suse 4

ibm 11

debiancve 1

osv 12

openvas 27

freebsd 1

rocky 4

almalinux 2

redhat 15

altlinux 12

amazon 1

ubuntucve 1

cbl_mariner 2

alpinelinux 1

ubuntu 2

cloudfoundry 1

centos 1

veracode 1

cve 1

redhatcve 1

kaspersky 1

mageia 2

redos 1

prion 1

virtuozzo 2

gentoo 1

nessus

Oracle Linux 7 : postgresql (ELSA-2022-5162)

2022-06-22 00:00:00

AlmaLinux 8 : postgresql:12 (ALSA-2022:4807)

2022-06-06 00:00:00

SUSE SLES12 Security Update : postgresql14 (SUSE-SU-2022:1874-1)

2022-05-28 00:00:00

debian

[SECURITY] [DSA 5136-1] postgresql-13 security update

2022-05-12 19:28:35

[SECURITY] [DSA 5135-1] postgresql-11 security update

2022-05-12 19:28:08

oraclelinux

postgresql:12 security update

2022-06-01 00:00:00

postgresql:13 security update

2022-06-02 00:00:00

postgresql security update

2022-06-30 00:00:00

suse

Security update for postgresql10 (important)

2022-05-31 00:00:00

Security update for postgresql12 (important)

2022-05-31 00:00:00

Security update for postgresql14 (important)

2022-06-01 00:00:00

ibm

Security Bulletin: Vulnerability in PostgreSQL may affect IBM Elastic Storage System

2022-11-01 10:43:58

Security Bulletin: IBM Security Guardium is affected by a PostgreSQL vulnerability (CVE-2022-1552)

2022-11-08 15:56:24

Security Bulletin: IBM Connect:Direct Web Services vulnerable to remote security bypass due to PostgreSQL (CVE-2022-1552)

2022-08-24 05:32:42

debiancve

CVE-2022-1552

2022-08-31 16:15:00

osv

BIT-postgresql-2022-1552

2024-03-06 11:04:04

Important: postgresql:12 security update

2022-05-31 07:56:56

postgresql-10, postgresql-12, postgresql-13, postgresql-14 vulnerability

2022-05-24 11:46:11

openvas

Ubuntu: Security Advisory (USN-5676-1)

2022-10-14 00:00:00

SUSE: Security Advisory (SUSE-SU-2022:1869-1)

2022-05-30 00:00:00

SUSE: Security Advisory (SUSE-SU-2022:1890-1)

2022-06-01 00:00:00

freebsd

PostgreSQL Server -- execute arbitrary SQL code as DBA user

2022-05-11 00:00:00

rocky

postgresql:12 security update

2022-05-31 07:56:56

postgresql:13 security update

2022-06-01 13:45:22

postgresql security update

2022-05-30 07:19:50

almalinux

Important: postgresql:10 security update

2022-05-30 11:39:32

Important: postgresql:12 security update

2022-05-31 07:56:56

redhat

(RHSA-2022:4915) Important: rh-postgresql12-postgresql security update

2022-06-06 06:50:06

(RHSA-2022:4807) Important: postgresql:12 security update

2022-05-31 07:56:56

(RHSA-2022:4894) Important: postgresql:10 security update

2022-06-02 09:21:25

altlinux

Security fix for the ALT Linux 9 package postgresql11 version 11.16-alt0.M90P.1

2022-05-18 00:00:00

Security fix for the ALT Linux 10 package postgresql14-1C version 14.3-alt1

2022-05-13 00:00:00

Security fix for the ALT Linux 10 package postgresql11 version 11.16-alt1

2022-05-13 00:00:00

amazon

Important: postgresql

2022-09-01 21:09:00

ubuntucve

CVE-2022-1552

2022-05-12 00:00:00

cbl_mariner

CVE-2022-1552 affecting package postgresql 14.2-2

2022-10-05 23:33:47

CVE-2022-1552 affecting package postgresql 12.8-1

2022-10-13 00:40:15

alpinelinux

CVE-2022-1552

2022-08-31 16:15:00

ubuntu

PostgreSQL vulnerability

2022-05-24 00:00:00

PostgreSQL vulnerability

2022-10-13 00:00:00

cloudfoundry

USN-5440-1: PostgreSQL vulnerability | Cloud Foundry

2022-07-28 00:00:00

centos

postgresql security update

2022-08-02 19:22:33

veracode

SQL Injection

2022-05-16 15:11:30

cve

CVE-2022-1552

2022-08-31 16:15:00

redhatcve

CVE-2022-1552

2022-05-13 10:26:11

kaspersky

KLA12537 PE vulnerability in PostgreSQL

2022-05-12 00:00:00

mageia

Updated postgresql packages fix security vulnerability

2022-05-22 16:36:26

Updated postgresql packages fix security vulnerability

2022-08-29 08:07:41

redos

ROS-20220530-02

2022-05-30 00:00:00

prion

Design/Logic Flaw

2022-08-31 16:15:00

virtuozzo

Virtuozzo Hybrid Infrastructure 4.7 Update 1.4 (4.7.1-53)

2022-05-25 00:00:00

Virtuozzo Hybrid Infrastructure 5.0 Update 1.3 (5.0.1-57)

2022-05-25 00:00:00

gentoo

PostgreSQL: Multiple Vulnerabilities

2022-11-19 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.6%

JSON

Related for BSNSA22190