Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2023/12/20 9:45 a.m.3 views

postgresql: MERGE fails to enforce UPDATE or SELECT row security policies

A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows...

4.3CVSS7.3AI score0.00956EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/08/16 2:19 a.m.5 views

SUSE CVE-2023-39418

A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows...

4.7CVSS7.5AI score0.00956EPSS
Exploits0References8
OSV
OSV
added 2023/08/11 1:15 p.m.3 views

DEBIAN-CVE-2023-39418

A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows...

4.3CVSS6.2AI score0.00956EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2022/11/03 2:54 p.m.3 views

owasp-java-html-sanitizer: improper policies enforcement may lead to remote code execution

The OWASP Java HTML Sanitizer before 20211018.1 does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements...

9.8CVSS6.7AI score0.02844EPSS
Exploits1References4
Rows per page
Query Builder