Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2023-31131
HistoryMay 15, 2023 - 10:15 p.m.

Path traversal

2023-05-1522:15:00
PRIOn knowledge base
www.prio-n.com
1
greenplum database
path traversal
vulnerability
upgrade
data warehouse
postgresql
arbitrary file writes
system files.

9.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.0%

JSON

Greenplum Database (GPDB) is an open source data warehouse based on PostgreSQL. In versions prior to 6.22.3 Greenplum Database used an unsafe methods to extract tar files within GPPKGs. greenplum-db is vulnerable to path traversal leading to arbitrary file writes. An attacker can use this vulnerability to overwrite data or system files potentially leading to crash or malfunction of the system. Any files which are accessible to the running process are at risk. All users are requested to upgrade to Greenplum Database version 6.23.2 or higher. There are no known workarounds for this vulnerability.

CPENameOperatorVersion
greenplum_databaselt6.22.3

Related

cvelist 1
cve 1
osv 1
nvd 1
cvelist
cvelist
CVE-2023-31131 Arbitrary File Write when Extracting Tarballs in greenplum-db
2023-05-15 21:05:49
cve
cve
CVE-2023-31131
2023-05-15 22:15:12
osv
osv
CVE-2023-31131
2023-05-15 22:15:12
nvd
nvd
CVE-2023-31131
2023-05-15 22:15:12

9.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.0%

JSON
Related for PRION:CVE-2023-31131
cvelist1cve1osv1nvd1