The vulnerability of the PostgreSQL database management system, related to deficiencies in access control, allows attackers to enhance their privileges and execute arbitrary code.

The vulnerability of the SchemaHandler component in the PostgreSQL database management system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary code using the CREATE SCHEMA command...

Arbitrary Code Execution

postgresql is vulnerable to Arbitrary Code Execution. The vulnerability is available within the 'CREATE SCHEMA' statement and can be used by a malicious attacker with database-level 'CREATE' privilege to bypass the protective 'searchpath' changes and execute arbitrary code as the bootstrap...

PT-2023-3148 · Unknown +11 · Postgresql +10

Name of the Vulnerable Software and Affected Versions: PostgreSQL affected versions not specified Description: The issue is related to a component of the PostgreSQL database management system, specifically the Schema Handler, which has inadequate access control. This can allow a remote attacker...