2 matches found
PostgreSQL 9.5.x < 9.5.22 / 9.6.x < 9.6.18 / 10.x < 10.13 / 11.x < 11.8 / 12.x < 12.3 Arbitrary Code Execution Vulnerability
The version of PostgreSQL installed on the remote host is 9.5 prior to 9.5.22, 9.6 prior to 9.6.18, 10 prior to 10.13, 11 prior to 11.8, or 12 prior to 12.3. As such, it is potentially affected by a which allows a Windows installer the ability to run executables from uncontrolled directories,...
Vulnerability in packaging (CVE-2020-10733)
Windows installer runs executables from uncontrolled directories The Windows installer for PostgreSQL invokes system-provided executables that do not have fully-qualified paths. Executables in the directory where the installer loads or the current working directory take precedence over the intend...