Vulnerability in core server (CVE-2024-0985)
PostgreSQL non-owner REFRESH MATERIALIZED VIEW CONCURRENTLY executes arbitrary SQL UPDATE June 19, 2024 : Added v16 as impacted. Updated description to clarify the attack vector. Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute...