Lucene search

K
cvelistDebianCVELIST:CVE-2019-3466
HistoryNov 20, 2019 - 5:16 p.m.

CVE-2019-3466

2019-11-2017:16:16
debian
www.cve.org

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

The pg_ctlcluster script in postgresql-common in versions prior to 210 didn’t drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation.

CNA Affected

[
  {
    "product": "postgresql-common (Debian-specific Postgres management tools)",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Versions before 210"
      }
    ]
  }
]

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%