42 matches found
EUVD-2026-32504
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a table and placing malicious code inside a column identifier. If a superuser calls the k-anonymity function, the malicious code is executed with superuser privileges. The risk is higher wit...
CVE-2026-9617 PostgreSQL Anonymizer: malicious column name allows SQL injection via anon.k_anonymity() function
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a table and placing malicious code inside a column identifier. If a superuser calls the k-anonymity function, the malicious code is executed with superuser privileges. The risk is higher wit...
PostgreSQL Anonymizer 安全漏洞
PostgreSQL Anonymizer is an open-source extension developed by DALIBO in France, designed to mask or replace personally identifiable information PII or commercially sensitive data in PostgreSQL databases. PostgreSQL Anonymizer has a security vulnerability that stems from allowing users to obtain...
PT-2026-43992
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a table and placing malicious code inside a column identifier. If a superuser calls the k-anonymity function, the malicious code is executed with superuser privileges. The risk is higher wit...
Fedora 44 : postgresql16-anonymizer (2026-1ace5758de)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-1ace5758de advisory. Updated to newest version fixing CVEs found in the previous one Tenable has extracted the preceding description block directly from the Fedora...
Linux Distros Unpatched Vulnerability : CVE-2026-2361
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a temporary view based on a function containing...
CVE-2026-2361
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a temporary view based on a function containing malicious code. When the anon.gettablesampleratio function is then called, the malicious code is executed with superuser privileges. This...
CVE-2026-2361
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a temporary view based on a function containing malicious code. When the anon.gettablesampleratio function is then called, the malicious code is executed with superuser privileges. This...
CVE-2026-2360
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a custom operator in the public schema and place malicious code in that operator. This operator will later be executed with superuser privileges when the extension is created. The risk is...
UBUNTU-CVE-2026-2361
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a temporary view based on a function containing malicious code. When the anon.gettablesampleratio function is then called, the malicious code is executed with superuser privileges. This...
CVE-2026-2361 Improper search_path protection in PostgreSQL Anonymizer 2.5 allows any user with create privilege to gain superuser privileges
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a temporary view based on a function containing malicious code. When the anon.gettablesampleratio function is then called, the malicious code is executed with superuser privileges. This...
CVE-2026-2361 Improper search_path protection in PostgreSQL Anonymizer 2.5 allows any user with create privilege to gain superuser privileges
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a temporary view based on a function containing malicious code. When the anon.gettablesampleratio function is then called, the malicious code is executed with superuser privileges. This...
CVE-2026-2361
CVE-2026-2361 affects PostgreSQL Anonymizer. A user can gain superuser privileges by creating a temporary view that includes a function with malicious code; when anon.get_tablesample_ratio runs, the code executes with superuser privileges. This requires CREATE privilege in PostgreSQL 15+ and is m...
CVE-2026-2360
CVE-2026-2360 affects PostgreSQL Anonymizer. A vulnerability lets a user gain superuser privileges by creating a custom operator in the public schema, placing malicious code there, which is executed with superuser rights when the extension is created. Risk is higher on PostgreSQL 14 or when upgra...
CVE-2026-2360 Improper search_path protection in PostgreSQL Anonymizer 2.5 allows any user to gain superuser privileges in PostgreSQL 14
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a custom operator in the public schema and place malicious code in that operator. This operator will later be executed with superuser privileges when the extension is created. The risk is...
CVE-2026-2360
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a custom operator in the public schema and place malicious code in that operator. This operator will later be executed with superuser privileges when the extension is created. The risk is...
PT-2026-7633
Name of the Vulnerable Software and Affected Versions PostgreSQL Anonymizer versions prior to 3.0.1 Description The software contains a flaw that could allow a user to obtain superuser privileges. This is achieved by creating a custom operator within the public schema and embedding malicious code...
PostgreSQL Anonymizer 安全漏洞
PostgreSQL Anonymizer is an open-source extension developed by DALIBO in France, designed to mask or replace personally identifiable information PII or commercially sensitive data in PostgreSQL databases. PostgreSQL Anonymizer has a security vulnerability that stems from allowing users to create...
DALIBO PostgreSQL Anonymizer 安全漏洞
DALIBO PostgreSQL Anonymizer is an extension software developed by the French company DALIBO. It is designed to mask or replace personally identifiable information PII or commercially sensitive data in PostgreSQL databases. There is a security vulnerability in PostgreSQL Anonymizer, which stems...
CVE-2024-2339
PostgreSQL Anonymizer v1.2 contains a vulnerability that allows a user who owns a table to elevate to superuser. A user can define a masking function for a column and place malicious code in that function. When a privileged user applies the masking rules using the static masking or the anonymous...