Количество 39
Количество 39
CVE-2024-7348
Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected.
CVE-2024-7348
Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected.
CVE-2024-7348
Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected.
CVE-2024-7348
CVE-2024-7348
Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in Postgr ...
SUSE-SU-2024:3224-1
Security update for postgresql16
SUSE-SU-2024:3192-1
Security update for postgresql16
SUSE-SU-2024:3191-1
Security update for postgresql16
SUSE-SU-2024:3181-1
Security update for postgresql16
SUSE-SU-2024:3171-1
Security update for postgresql16
SUSE-SU-2024:3170-1
Security update for postgresql16
SUSE-SU-2024:3169-1
Security update for postgresql16
SUSE-SU-2024:3168-1
Security update for postgresql16
SUSE-SU-2024:3160-1
Security update for postgresql16
SUSE-SU-2024:3158-3
Security update for postgresql16
SUSE-SU-2024:3158-2
Security update for postgresql16
SUSE-SU-2024:3158-1
Security update for postgresql16
SUSE-SU-2024:3154-1
Security update for postgresql16
SUSE-SU-2024:3153-1
Security update for postgresql16
RLSA-2024:5999
Important: postgresql security update
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-7348 Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected. | CVSS3: 8.8 | 0% Низкий | 10 месяцев назад |
 | CVE-2024-7348 Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected. | CVSS3: 7.5 | 0% Низкий | 11 месяцев назад |
 | CVE-2024-7348 Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected. | CVSS3: 8.8 | 0% Низкий | 10 месяцев назад |
 | CVSS3: 7.5 | 0% Низкий | 10 месяцев назад | |
| CVE-2024-7348 Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in Postgr ... | CVSS3: 8.8 | 0% Низкий | 10 месяцев назад |
 | SUSE-SU-2024:3224-1 Security update for postgresql16 | 0% Низкий | 9 месяцев назад | |
| SUSE-SU-2024:3192-1 Security update for postgresql16 | 0% Низкий | 9 месяцев назад | |
| SUSE-SU-2024:3191-1 Security update for postgresql16 | 0% Низкий | 9 месяцев назад | |
| SUSE-SU-2024:3181-1 Security update for postgresql16 | 0% Низкий | 9 месяцев назад | |
| SUSE-SU-2024:3171-1 Security update for postgresql16 | 0% Низкий | 9 месяцев назад | |
| SUSE-SU-2024:3170-1 Security update for postgresql16 | 0% Низкий | 9 месяцев назад | |
| SUSE-SU-2024:3169-1 Security update for postgresql16 | 0% Низкий | 9 месяцев назад | |
| SUSE-SU-2024:3168-1 Security update for postgresql16 | 0% Низкий | 9 месяцев назад | |
| SUSE-SU-2024:3160-1 Security update for postgresql16 | 0% Низкий | 10 месяцев назад | |
| SUSE-SU-2024:3158-3 Security update for postgresql16 | 0% Низкий | 9 месяцев назад | |
| SUSE-SU-2024:3158-2 Security update for postgresql16 | 0% Низкий | 9 месяцев назад | |
| SUSE-SU-2024:3158-1 Security update for postgresql16 | 0% Низкий | 10 месяцев назад | |
| SUSE-SU-2024:3154-1 Security update for postgresql16 | 0% Низкий | 10 месяцев назад | |
| SUSE-SU-2024:3153-1 Security update for postgresql16 | 0% Низкий | 10 месяцев назад | |
 | RLSA-2024:5999 Important: postgresql security update | 0% Низкий | 9 месяцев назад |
Уязвимостей на страницу