The set_user extension module before 2.0.1 for PostgreSQL allows a potential privilege escalation using RESET SESSION AUTHORIZATION after set_user().
9.8CVSS
9.6AI Score
0.002EPSS
The set_user extension module before 3.0.0 for PostgreSQL allows ProcessUtility_hook bypass via set_config.
9.8CVSS
9.5AI Score
0.003EPSS