Описание
All versions of EnterpriseDB Postgres Advanced Server (EPAS) from 15.0 prior to 15.7.0 and from 16.0 prior to 16.3.0 may allow users using edbldr to bypass role permissions from pg_read_server_files. This could allow low privilege users to read files to which they would not otherwise have access.
Ссылки
EPSS
Процентиль: 24%
0.00078
Низкий
7.7 High
CVSS3
Дефекты
CWE-269
Связанные уязвимости
CVSS3: 7.7
github
больше 1 года назад
All versions of EnterpriseDB Postgres Advanced Server (EPAS) from 15.0 prior to 15.7.0 and from 16.0 prior to 16.3.0 may allow users using edbldr to bypass role permissions from pg_read_server_files. This could allow low privilege users to read files to which they would not otherwise have access.
EPSS
Процентиль: 24%
0.00078
Низкий
7.7 High
CVSS3
Дефекты
CWE-269