CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
86.7%
The PostgreSQL is vulnerable to Arbitrary Code Execution. The vulnerability is caused due to missing overflow checks during SQL array value modification. This can lead to an authenticated database user write arbitrary bytes to memory and extensively read the server’s memory by exploiting an integer overflow during array modification by providing specially crafted data.
access.redhat.com/errata/RHSA-2023:7545
access.redhat.com/errata/RHSA-2023:7579
access.redhat.com/errata/RHSA-2023:7580
access.redhat.com/errata/RHSA-2023:7581
access.redhat.com/errata/RHSA-2023:7616
access.redhat.com/errata/RHSA-2023:7656
access.redhat.com/errata/RHSA-2023:7666
access.redhat.com/errata/RHSA-2023:7667
access.redhat.com/errata/RHSA-2023:7694
access.redhat.com/errata/RHSA-2023:7695
access.redhat.com/errata/RHSA-2023:7714
access.redhat.com/errata/RHSA-2023:7770
access.redhat.com/errata/RHSA-2023:7771
access.redhat.com/errata/RHSA-2023:7772
access.redhat.com/errata/RHSA-2023:7778
access.redhat.com/errata/RHSA-2023:7783
access.redhat.com/errata/RHSA-2023:7784
access.redhat.com/errata/RHSA-2023:7785
access.redhat.com/errata/RHSA-2023:7786
access.redhat.com/errata/RHSA-2023:7788
access.redhat.com/errata/RHSA-2023:7789
access.redhat.com/errata/RHSA-2023:7790
access.redhat.com/errata/RHSA-2023:7878
access.redhat.com/errata/RHSA-2023:7883
access.redhat.com/errata/RHSA-2023:7884
access.redhat.com/errata/RHSA-2023:7885
access.redhat.com/errata/RHSA-2024:0304
access.redhat.com/errata/RHSA-2024:0332
access.redhat.com/errata/RHSA-2024:0337
access.redhat.com/security/cve/CVE-2023-5869
bugzilla.redhat.com/show_bug.cgi?id=2247169
security-tracker.debian.org/tracker/CVE-2023-5869
security.netapp.com/advisory/ntap-20240119-0003/
www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/
www.postgresql.org/support/security/CVE-2023-5869/