EUVD-2024-33374

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-10976

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and...

Amazon Linux 2 : libpq (ALASPOSTGRESQL14-2024-015)

The version of libpq installed on the remote host is prior to 14.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2POSTGRESQL14-2024-015 advisory. Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different...

ALPINE-CVE-2024-10976

Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query, security invok...

FreeBSD : PostgreSQL -- PostgreSQL row security below e.g. subqueries disregards user ID changes (3831292b-a29d-11ef-af48-6cc21735f730)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 3831292b-a29d-11ef-af48-6cc21735f730 advisory. PostgreSQL project reports: Incomplete tracking in PostgreSQL of tables with row security allows a reus...