CVE-2024-1713

Опубликовано: 14 мар. 2024

Источник: nvd

CVSS3: 7.2

EPSS Низкий

Описание

A user who can create objects in a database with plv8 3.2.1 installed is able to cause deferred triggers to execute as the Superuser during autovacuum.

Ссылки

https://github.com/google/security-research/security/advisories/GHSA-r7m9-grw7-vcc4
Exploit
Third Party Advisory
https://github.com/google/security-research/security/advisories/GHSA-r7m9-grw7-vcc4
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:plv8:plv8:3.2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 22%

0.00071

Низкий

7.2 High

CVSS3

7.2 High

CVSS3

Дефекты

CWE-394

CWE-754

Связанные уязвимости

CVE-2024-1713

CVSS3: 7.2

ubuntu

почти 2 года назад

A user who can create objects in a database with plv8 3.2.1 installed is able to cause deferred triggers to execute as the Superuser during autovacuum.

CVE-2024-1713

CVSS3: 7.2

debian

почти 2 года назад

A user who can create objects in a database with plv8 3.2.1 installed ...

EPSS

Процентиль: 22%

0.00071

Низкий

7.2 High

CVSS3

7.2 High

CVSS3

Дефекты

CWE-394

CWE-754