7 matches found
EUVD-2023-33940
Malicious code in bioql PyPI...
DEBIAN-CVE-2023-2455
Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security...
PostgreSQL Security Vulnerability
PostgreSQL is a free object-relational database management system from the PostgreSQL organization. The system supports most of the SQL standards and provides many other features such as foreign keys, triggers, views, and more. A security vulnerability exists in PostgreSQL versions 11 through 15,...
HashiCorp Vault Incorrect Permission Assignment for Critical Resource
HashiCorp Vault and Vault Enterprise 0.11.0 up to 1.7.5 and 1.8.4 templated ACL policies would always match the first-created entity alias if multiple entity aliases exist for a specified entity and mount combination, potentially resulting in incorrect policy enforcement. Fixed in Vault and Vault...
Insecure Access Control
Istio is vulnerable to insecure access control due to incorrect translation of DENY policy for TCP service...
Rare failure in the Identity Sharing network registration may potentially result in incorrect policy actions
Cause: The connection is handled by the PEP Gateway, but no identity is found on the PEP for the connection's IPs. With smart pull Identity sharing, the PEP Gateway will hold the connection if: 1. The Access Role is used in the policy and required for the final rulebase match. 2. There is a remote...
MGASA-2016-0136 Updated postgresql packages fix security vulnerabilities
Updated postgresql packages fix security vulnerabilities: A vulnerability in PostgreSQL 9.3.x before 9.3.12 and 9.4.x before 9.4.7 leads to potentially incorrect policies being applied in cases where role-specific policies are used and a given query is planned under one role and then executed und...