4 matches found
Advisory ROSA-SA-2025-2743
Software: postgresql14 14.13 OS: ROSA Virtualization 3.0 packageevrstring: postgresql14-14.13-2PGDG.0.1.rv30 CVE-ID: CVE-2023-2454 BDU-ID: 2023-03247 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Schema Handler component of the PostgreSQL database management system is related to access...
GLSA-202409-02 : PostgreSQL: Privilege Escalation
The remote host is affected by the vulnerability described in GLSA-202409-02 PostgreSQL: Privilege Escalation A vulnerability has been discovered in PostgreSQL. Please review the CVE identifier referenced below for details. Tenable has extracted the preceding description block directly from the...
CVE-2024-7348
Time-of-check Time-of-use TOCTOU race condition in pgdump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting...
CVE-2024-7348 PostgreSQL relation replacement during pg_dump executes arbitrary SQL
Time-of-check Time-of-use TOCTOU race condition in pgdump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting...