7.7 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.01 Low
EPSS
Percentile
83.4%
An SQL injection was discovered in Pike’s PostgreSQL module.
Applications using a PostgreSQL database and uncommon character
encodings could be fooled into running arbitrary SQL commands, which
could result in privilege escalation within the application, application
data exposure, or denial of service.
Please refer to <http://www.ubuntu.com/usn/usn-288-1> for more detailled
information.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 5.04 | noarch | pike7.6-pg | < 7.6.13-1ubuntu0.1 | UNKNOWN |