Lucene search

K
prionPRIOn knowledge basePRION:CVE-2023-39418
HistoryAug 11, 2023 - 1:15 p.m.

Command injection

2023-08-1113:15:00
PRIOn knowledge base
www.prio-n.com
12
postgresql
vulnerability
merge command
security policies
nvd

4.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.4%

A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows.