Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:24197
HistoryApr 10, 2020 - 12:48 a.m.

Access Restriction Bypass

2020-04-1000:48:52
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
22

EPSS

0.006

Percentile

78.2%

PostgreSQL is vulnerable to Access Restriction Bypass. Due to a flaw found in the way PostgreSQL enforced permission checks on scripts written in PL/Perl. If the PL/Perl procedural language was registered on a particular database, an authenticated database user running a specially-crafted PL/Perl script could use this flaw to bypass intended PL/Perl trusted mode restrictions, allowing them to run arbitrary Perl scripts with the privileges of the database server.

References