Lucene search

K
mageiaGentoo FoundationMGASA-2024-0184
HistoryMay 22, 2024 - 2:17 a.m.

Updated postgresql15 & postgresql13 packages fix security vulnerability

2024-05-2202:17:20
Gentoo Foundation
advisories.mageia.org
16
postgresql
cve-2024-4317
security

CVSS3

3.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

7.3

Confidence

Low

EPSS

0

Percentile

9.0%

Restrict visibility of pg_stats_ext and pg_stats_ext_exprs entries to the table owner. (CVE-2024-4317)

CVSS3

3.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

7.3

Confidence

Low

EPSS

0

Percentile

9.0%