Описание
The validator functions for the procedural languages (PLs) in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to gain privileges via a function that is (1) defined in another language or (2) not allowed to be directly called by the user due to permissions.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| lucid | released | 8.4.20-0ubuntu010.04 |
| precise | released | 8.4.22-0ubuntu0.12.04 |
| quantal | DNE | |
| saucy | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 8.4.20 |
| utopic | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [9.1.12-1]] |
| lucid | DNE | |
| precise | released | 9.1.12-0ubuntu0.12.04 |
| quantal | released | 9.1.12-0ubuntu0.12.10 |
| saucy | released | 9.1.12-0ubuntu0.13.10 |
| trusty | released | 9.1.12-1 |
| trusty/esm | DNE | trusty was released [9.1.12-1] |
| upstream | released | 9.1.12 |
| utopic | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | not-affected | 9.3.3-1 |
| lucid | DNE | |
| precise | DNE | |
| quantal | DNE | |
| saucy | DNE | |
| trusty | released | 9.3.3-1 |
| trusty/esm | not-affected | 9.3.3-1 |
| upstream | released | 9.3.3 |
| utopic | DNE |
Показывать по
EPSS
6.5 Medium
CVSS2
Связанные уязвимости
The validator functions for the procedural languages (PLs) in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to gain privileges via a function that is (1) defined in another language or (2) not allowed to be directly called by the user due to permissions.
The validator functions for the procedural languages (PLs) in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to gain privileges via a function that is (1) defined in another language or (2) not allowed to be directly called by the user due to permissions.
The validator functions for the procedural languages (PLs) in PostgreS ...
The validator functions for the procedural languages (PLs) in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to gain privileges via a function that is (1) defined in another language or (2) not allowed to be directly called by the user due to permissions.
Уязвимость системы управления базами данных PostgreSQL, позволяющая удаленным пользователям, прошедшим аутентификацию, повысить уровень своих привилегий
EPSS
6.5 Medium
CVSS2