4 matches found
CVE-2024-2339
PostgreSQL Anonymizer v1.2 contains a vulnerability that allows a user who owns a table to elevate to superuser. A user can define a masking function for a column and place malicious code in that function. When a privileged user applies the masking rules using the static masking or the anonymous...
CVE-2024-35189
Fides vulnerability CVE-2024-35189 affects the BigQuery connection configuration secrets, where a bug in masking nested sensitive fields allowed plaintext exposure via API endpoints. Affected component: BigQuerySchema secrets structure containing keyfile_creds.private_key exposed in plaintext acr...
CVE-2024-2339
PostgreSQL Anonymizer v1.2 contains a vulnerability that allows a user who owns a table to elevate to superuser. A user can define a masking function for a column and place malicious code in that function. When a privileged user applies the masking rules using the static masking or the anonymous...
PT-2024-2088 · Unknown · Postgresql Anonymizer
Name of the Vulnerable Software and Affected Versions: PostgreSQL Anonymizer version 1.2 Description: The issue allows a user who owns a table to elevate to superuser by defining a masking function for a column and placing malicious code in that function. When a privileged user applies the maskin...