8 matches found
RHEL 8 : postgresql:9.6 (RHSA-2020:5661)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5661 advisory. PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream...
postgresql: ALTER ... DEPENDS ON EXTENSION is missing authorization checks
A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function, triggers, et al., leading to database corruption...
postgresql: ALTER ... DEPENDS ON EXTENSION is missing authorization checks
A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function, triggers, et al., leading to database corruption...
postgresql: ALTER ... DEPENDS ON EXTENSION is missing authorization checks
A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function, triggers, et al., leading to database corruption...
Updated postgresql packages fix security vulnerability
Updated postgresql9.6 and postgresql11 packages fix security vulnerability: The ALTER ... DEPENDS ON EXTENSION sub-commands do not perform authorization checks, which can allow an unprivileged user to drop any function, procedure, materialized view, index, or trigger under certain conditions. Thi...
USN-4282-1 postgresql-10, postgresql-11 vulnerability
It was discovered that PostgreSQL incorrectly performed authorization checks when handling the "ALTER ... DEPENDS ON EXTENSION" sub-commands. A remote attacker could possibly use this issue to drop any function, procedure, materialized view, index, or trigger under certain conditions...
PostgresSQL -- ALTER ... DEPENDS ON EXTENSION is missing authorization checks
The PostgreSQL project reports: Versions Affected: 9.6 - 12 The ALTER ... DEPENDS ON EXTENSION sub-commands do not perform authorization checks, which can allow an unprivileged user to drop any function, procedure, materialized view, index, or trigger under certain conditions. This attack is...
CVE-2009-3386
Template.pm in Bugzilla 3.3.2 through 3.4.3 and 3.5 through 3.5.1 allows remote attackers to discover the alias of a private bug by reading the 1 Depends On or 2 Blocks field of a related bug...