Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:24599
HistoryApr 10, 2020 - 12:58 a.m.

Arbitrary Code Execution

2020-04-1000:58:44
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8

0.019 Low

EPSS

Percentile

88.5%

postgresql is vulnerable to arbitrary code execution. A stack-based buffer overflow flaw was found in the way PostgreSQL processed certain tokens from an SQL query when the intarray module was enabled on a particular database. An authenticated database user running a specially-crafted SQL query could use this flaw to cause a temporary denial of service (postgres daemon crash) or, potentially, execute arbitrary code with the privileges of the database server.

References