2 matches found
postgresql: PostgreSQL executes arbitrary code in restore operation
A flaw was found in PostgreSQL. This vulnerability allows a malicious user of the PostgreSQL server to inject arbitrary code in dump files created by pgdump, pgdumpall, pgrestore, and pgupgrade, causing arbitrary code execution on the client machine or SQL injection when these dump files are...
PostgreSQL 13.x < 13.22 / 14.x < 14.19 / 15.x < 15.14 / 16.x < 16.10 / 17.x < 17.6 Multiple Vulnerabilities
The version of PostgreSQL installed on the remote host is 13 prior to 13.22, 14 prior to 14.19, 15 prior to 15.14, 16 prior to 16.10, or 17 prior to 17.6. As such, it is potentially affected by multiple vulnerabilities : - Improper neutralization of newlines in pgdump in PostgreSQL allows a user ...