3 matches found
The vulnerability of the “restrict_to_trusted_schemas” option in PostgreSQL’s data anonymization functions in the PostgreSQL Anonymizer database allows a malicious user to elevate their privileges to superuser status.
The vulnerability of the restricttotrustedschemas option in PostgreSQL’s data anonymization feature exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to elevate their privileges to superuser status...
Input validation
PostgreSQL Anonymizer v1.2 contains a vulnerability that allows a user who owns a table to elevate to superuser. A user can define a masking function for a column and place malicious code in that function. When a privileged user applies the masking rules using the static masking or the anonymous...
CVE-2024-2339
PostgreSQL Anonymizer v1.2 has a vulnerability that allows a table owner to escalate to superuser by placing malicious code in a masking function for a column. When privileged users apply masking rules (static masking or anonymous dump), the code can be executed and grant escalated privileges to ...