Уязвимость GHSA-chgx-7cw3-hr55

CVE-2023-39418

CVSS3: 3.1

ubuntu

почти 2 года назад

A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows.

CVE-2023-39418

CVSS3: 3.1

redhat

почти 2 года назад

A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows.

CVE-2023-39418

CVSS3: 3.1

nvd

почти 2 года назад

A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows.

CVE-2023-39418

CVSS3: 3.1

debian

почти 2 года назад

A vulnerability was found in PostgreSQL with the use of the MERGE comm ...

BDU:2023-04768

CVSS3: 3.1

fstec

почти 2 года назад

Уязвимость системы управления базами данных PostgreSQL, связанная с недостатками разграничения доступа, позволяющая нарушителю читать и обновлять защищенные данные

exploitDog

GHSA-chgx-7cw3-hr55

Описание

Ссылки

CVE ID

Дефекты

Связанные уязвимости

CVE ID

Дефекты