55 matches found
PT-2025-23864 · Unknown +1 · Postgresql Anonymizer +1
Name of the Vulnerable Software and Affected Versions: PostgreSQL Anonymizer versions 2.0 through 2.1 Description: The issue allows a masked user to bypass the masking rules defined on a table and read the original data using a database cursor or the --insert option of pg dump. This problem occur...
CVE-2024-2338
PostgreSQL Anonymizer v1.2 contains a SQL injection vulnerability that allows a user who owns a table to elevate to superuser when dynamic masking is enabled. PostgreSQL Anonymizer enables users to set security labels on tables to mask specified columns. There is a flaw that allows complex...
The vulnerability of the PostgreSQL data anonymization extension in the PostgreSQL Anonymizer tool lies in the lack of security measures for SQL query structures. This allows attackers to elevate their privileges to superuser levels.
The vulnerability of the PostgreSQL anonymization extension in the PostgreSQL Anonymizer database relates to the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor, operating remotely, to elevate their privileges to the level of superuser...
The vulnerability of the “restrict_to_trusted_schemas” option in PostgreSQL’s data anonymization functions in the PostgreSQL Anonymizer database allows a malicious user to elevate their privileges to superuser status.
The vulnerability of the restricttotrustedschemas option in PostgreSQL’s data anonymization feature exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to elevate their privileges to superuser status...
CVE-2024-2338
PostgreSQL Anonymizer v1.2 contains a SQL injection vulnerability that allows a user who owns a table to elevate to superuser when dynamic masking is enabled. PostgreSQL Anonymizer enables users to set security labels on tables to mask specified columns. There is a flaw that allows complex...
Input validation
PostgreSQL Anonymizer v1.2 contains a vulnerability that allows a user who owns a table to elevate to superuser. A user can define a masking function for a column and place malicious code in that function. When a privileged user applies the masking rules using the static masking or the anonymous...
CVE-2024-2339 Improper Input Validation in PostgreSQL Anonymizer 1.2 allows table owner to gain superuser privileges via masking rule
PostgreSQL Anonymizer v1.2 contains a vulnerability that allows a user who owns a table to elevate to superuser. A user can define a masking function for a column and place malicious code in that function. When a privileged user applies the masking rules using the static masking or the anonymous...
CVE-2024-2339 Improper Input Validation in PostgreSQL Anonymizer 1.2 allows table owner to gain superuser privileges via masking rule
PostgreSQL Anonymizer v1.2 contains a vulnerability that allows a user who owns a table to elevate to superuser. A user can define a masking function for a column and place malicious code in that function. When a privileged user applies the masking rules using the static masking or the anonymous...
CVE-2024-2339 Improper Input Validation in PostgreSQL Anonymizer 1.2 allows table owner to gain superuser privileges via masking rule
PostgreSQL Anonymizer v1.2 contains a vulnerability that allows a user who owns a table to elevate to superuser. A user can define a masking function for a column and place malicious code in that function. When a privileged user applies the masking rules using the static masking or the anonymous...
CVE-2024-2338 SQL Injection in PostgreSQL Anonymizer 1.2 allows table owner to gain superuser privileges via masking rule
PostgreSQL Anonymizer v1.2 contains a SQL injection vulnerability that allows a user who owns a table to elevate to superuser when dynamic masking is enabled. PostgreSQL Anonymizer enables users to set security labels on tables to mask specified columns. There is a flaw that allows complex...
CVE-2024-2338 SQL Injection in PostgreSQL Anonymizer 1.2 allows table owner to gain superuser privileges via masking rule
PostgreSQL Anonymizer v1.2 contains a SQL injection vulnerability that allows a user who owns a table to elevate to superuser when dynamic masking is enabled. PostgreSQL Anonymizer enables users to set security labels on tables to mask specified columns. There is a flaw that allows complex...
CVE-2024-2338 SQL Injection in PostgreSQL Anonymizer 1.2 allows table owner to gain superuser privileges via masking rule
PostgreSQL Anonymizer v1.2 contains a SQL injection vulnerability that allows a user who owns a table to elevate to superuser when dynamic masking is enabled. PostgreSQL Anonymizer enables users to set security labels on tables to mask specified columns. There is a flaw that allows complex...
PostgreSQL Anonymizer Security Vulnerability
PostgreSQL Anonymizer is an extension for masking or replacing personally identifiable information PII or commercially sensitive data in PostgreSQL databases. A security vulnerability exists in PostgreSQL Anonymizer version v1.2 that originates from allowing a user who owns a table to be promoted...
PostgreSQL Anonymizer Security Vulnerability
PostgreSQL Anonymizer is an extension for masking or replacing personally identifiable information PII or commercially sensitive data in PostgreSQL databases. A security vulnerability exists in PostgreSQL Anonymizer version v1.2 that originates from allowing a user who owns a table to be promoted...
PT-2024-2087 · Unknown · Postgresql Anonymizer
Name of the Vulnerable Software and Affected Versions: PostgreSQL Anonymizer version 1.2 Description: The issue is related to a SQL injection vulnerability in PostgreSQL Anonymizer. This vulnerability allows a user who owns a table to elevate their privileges to superuser when dynamic masking is...