2 matches found
CVE-2026-14178
openGauss 在处理带 NLS 参数的 totimestamp 调用时,totimestampwithfmtnls 会将 nlsfmtstr 保存到 usess-parsercxt.nlsfmtstr。在 seqscan + sort 执行路径下,该字符串原本被分配在 SeqScan 的表达式上下文中;当 SeqScan 完成后,该内存上下文会被 reset,但后续结果输出阶段 timestampout 仍会通过 CheckNlsFormat 访问 usess-parsercxt.nlsfmtstr,导致访问已释放内存。攻击者在具备数据库 SQL 执行权限的情况下,可构造特定...
Huawei openGauss 安全漏洞
Huawei openGauss is an open source relational database management system from Huawei China. A security vulnerability exists in Huawei openGauss version 5.0.0, which originates from a vulnerability that could allow a local attacker to cause a denial of service by modifying table properties...