Lucene search
HistoryMar 14, 2024 - 9:15 p.m.
CVE-2024-1713
plv8
user
database
deferred triggers
superuser
autovacuum
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:H
EPSS
0
Percentile
9.0%
A user who can create objects in a database with plv8 3.2.1 installed is able to cause deferred triggers to execute as the Superuser during autovacuum.
Related
cve
cve
CVE-2024-1713
2024-03-14 21:15:50
ubuntucve
ubuntucve
CVE-2024-1713
2024-03-14 00:00:00
cvelist
cvelist
CVE-2024-1713 Plv8 Deferred Trigger Privilege Escalation
2024-03-14 20:14:28
vulnrichment
vulnrichment
CVE-2024-1713 Plv8 Deferred Trigger Privilege Escalation
2024-03-14 20:14:28
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:H
EPSS
0
Percentile
9.0%
Related for NVD:CVE-2024-1713