Количество 25
Количество 25
BDU:2023-03024
Уязвимость компонента Schema Handler системы управления базами данных PostgreSQL, позволяющая нарушителю обойти ограничения безопасности
ROS-20240329-12
Множественные уязвимости postgresql13
ROS-20240329-11
Множественные уязвимости postgresql
CVE-2023-2455
Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy.
CVE-2023-2455
Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy.
CVE-2023-2455
Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy.
CVE-2023-2455
CVE-2023-2455
Row security policies disregard user ID changes after inlining; Postgr ...
GHSA-r7p3-79xh-j7pg
Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy.
SUSE-SU-2023:2219-1
Security update for postgresql13
SUSE-SU-2023:2207-1
Security update for postgresql15
SUSE-SU-2023:2206-1
Security update for postgresql15
SUSE-SU-2023:2205-1
Security update for postgresql14
SUSE-SU-2023:2202-1
Security update for postgresql14
SUSE-SU-2023:2201-1
Security update for postgresql13
SUSE-SU-2023:2200-1
Security update for postgresql12
SUSE-SU-2023:2199-1
Security update for postgresql12
SUSE-SU-2023:2198-1
Security update for postgresql12
RLSA-2023:3714
Moderate: postgresql security update
ELSA-2023-5269
ELSA-2023-5269: postgresql:15 security update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2023-03024 Уязвимость компонента Schema Handler системы управления базами данных PostgreSQL, позволяющая нарушителю обойти ограничения безопасности | CVSS3: 4.2 | 0% Низкий | около 2 лет назад |
 | ROS-20240329-12 Множественные уязвимости postgresql13 | CVSS3: 8.8 | около 1 года назад | |
| ROS-20240329-11 Множественные уязвимости postgresql | CVSS3: 8.8 | около 1 года назад | |
 | CVE-2023-2455 Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy. | CVSS3: 5.4 | 0% Низкий | около 2 лет назад |
 | CVE-2023-2455 Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy. | CVSS3: 4.2 | 0% Низкий | около 2 лет назад |
 | CVE-2023-2455 Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy. | CVSS3: 5.4 | 0% Низкий | около 2 лет назад |
 | CVSS3: 5.4 | 0% Низкий | 6 месяцев назад | |
| CVE-2023-2455 Row security policies disregard user ID changes after inlining; Postgr ... | CVSS3: 5.4 | 0% Низкий | около 2 лет назад |
| GHSA-r7p3-79xh-j7pg Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy. | CVSS3: 5.4 | 0% Низкий | около 2 лет назад |
 | SUSE-SU-2023:2219-1 Security update for postgresql13 | около 2 лет назад | ||
| SUSE-SU-2023:2207-1 Security update for postgresql15 | около 2 лет назад | ||
| SUSE-SU-2023:2206-1 Security update for postgresql15 | около 2 лет назад | ||
| SUSE-SU-2023:2205-1 Security update for postgresql14 | около 2 лет назад | ||
| SUSE-SU-2023:2202-1 Security update for postgresql14 | около 2 лет назад | ||
| SUSE-SU-2023:2201-1 Security update for postgresql13 | около 2 лет назад | ||
| SUSE-SU-2023:2200-1 Security update for postgresql12 | около 2 лет назад | ||
| SUSE-SU-2023:2199-1 Security update for postgresql12 | около 2 лет назад | ||
| SUSE-SU-2023:2198-1 Security update for postgresql12 | около 2 лет назад | ||
 | RLSA-2023:3714 Moderate: postgresql security update | почти 2 года назад | ||
| ELSA-2023-5269 ELSA-2023-5269: postgresql:15 security update (MODERATE) | больше 1 года назад |
Уязвимостей на страницу