postgresql is vulnerable to sql injection. The vulnerability exists incomplete efforts to operate safely when a privileged user is maintaining another user’s objects which allows an attacker to inject and execute arbitrary sql functions.
access.redhat.com/security/cve/CVE-2022-1552
bugzilla.redhat.com/show_bug.cgi?id=2081126
security-tracker.debian.org/tracker/CVE-2022-1552
security.gentoo.org/glsa/202211-04
security.netapp.com/advisory/ntap-20221104-0005/
www.postgresql.org/about/news/postgresql-143-137-1211-1116-and-1021-released-2449/
www.postgresql.org/support/security/CVE-2022-1552/