Количество 34
Количество 34
CVE-2024-0985
Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted materialized views. The victim is a superuser or member of one of the attacker's roles. The attack requires luring the victim into running REFRESH MATERIALIZED VIEW CONCURRENTLY on the attacker's materialized view. Versions before PostgreSQL 16.2, 15.6, 14.11, 13.14, and 12.18 are affected.
CVE-2024-0985
Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted materialized views. The victim is a superuser or member of one of the attacker's roles. The attack requires luring the victim into running REFRESH MATERIALIZED VIEW CONCURRENTLY on the attacker's materialized view. Versions before PostgreSQL 16.2, 15.6, 14.11, 13.14, and 12.18 are affected.
CVE-2024-0985
Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted materialized views. The victim is a superuser or member of one of the attacker's roles. The attack requires luring the victim into running REFRESH MATERIALIZED VIEW CONCURRENTLY on the attacker's materialized view. Versions before PostgreSQL 16.2, 15.6, 14.11, 13.14, and 12.18 are affected.
CVE-2024-0985
CVE-2024-0985
Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in Postg ...
SUSE-SU-2024:0552-1
Security update for postgresql14
SUSE-SU-2024:0551-1
Security update for postgresql15
SUSE-SU-2024:0550-1
Security update for postgresql16
SUSE-SU-2024:0546-1
Security update for postgresql16
SUSE-SU-2024:0542-1
Security update for postgresql12
SUSE-SU-2024:0541-1
Security update for postgresql13
SUSE-SU-2024:0540-1
Security update for postgresql14
SUSE-SU-2024:0523-1
Security update for postgresql12
SUSE-SU-2024:0522-1
Security update for postgresql13
SUSE-SU-2024:0520-1
Security update for postgresql15
RLSA-2024:0975
Important: postgresql:13 security update
RLSA-2024:0974
Important: postgresql:12 security update
RLSA-2024:0973
Important: postgresql:15 security update
RLSA-2024:0956
Important: postgresql:10 security update
RLSA-2024:0951
Important: postgresql security update
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-0985 Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted materialized views. The victim is a superuser or member of one of the attacker's roles. The attack requires luring the victim into running REFRESH MATERIALIZED VIEW CONCURRENTLY on the attacker's materialized view. Versions before PostgreSQL 16.2, 15.6, 14.11, 13.14, and 12.18 are affected. | CVSS3: 8 | 1% Низкий | почти 2 года назад |
 | CVE-2024-0985 Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted materialized views. The victim is a superuser or member of one of the attacker's roles. The attack requires luring the victim into running REFRESH MATERIALIZED VIEW CONCURRENTLY on the attacker's materialized view. Versions before PostgreSQL 16.2, 15.6, 14.11, 13.14, and 12.18 are affected. | CVSS3: 8 | 1% Низкий | почти 2 года назад |
 | CVE-2024-0985 Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted materialized views. The victim is a superuser or member of one of the attacker's roles. The attack requires luring the victim into running REFRESH MATERIALIZED VIEW CONCURRENTLY on the attacker's materialized view. Versions before PostgreSQL 16.2, 15.6, 14.11, 13.14, and 12.18 are affected. | CVSS3: 8 | 1% Низкий | почти 2 года назад |
 | CVSS3: 8 | 1% Низкий | почти 2 года назад | |
| CVE-2024-0985 Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in Postg ... | CVSS3: 8 | 1% Низкий | почти 2 года назад |
 | SUSE-SU-2024:0552-1 Security update for postgresql14 | 1% Низкий | почти 2 года назад | |
| SUSE-SU-2024:0551-1 Security update for postgresql15 | 1% Низкий | почти 2 года назад | |
| SUSE-SU-2024:0550-1 Security update for postgresql16 | 1% Низкий | почти 2 года назад | |
| SUSE-SU-2024:0546-1 Security update for postgresql16 | 1% Низкий | почти 2 года назад | |
| SUSE-SU-2024:0542-1 Security update for postgresql12 | 1% Низкий | почти 2 года назад | |
| SUSE-SU-2024:0541-1 Security update for postgresql13 | 1% Низкий | почти 2 года назад | |
| SUSE-SU-2024:0540-1 Security update for postgresql14 | 1% Низкий | почти 2 года назад | |
| SUSE-SU-2024:0523-1 Security update for postgresql12 | 1% Низкий | почти 2 года назад | |
| SUSE-SU-2024:0522-1 Security update for postgresql13 | 1% Низкий | почти 2 года назад | |
| SUSE-SU-2024:0520-1 Security update for postgresql15 | 1% Низкий | почти 2 года назад | |
 | RLSA-2024:0975 Important: postgresql:13 security update | 1% Низкий | почти 2 года назад | |
| RLSA-2024:0974 Important: postgresql:12 security update | 1% Низкий | 5 месяцев назад | |
| RLSA-2024:0973 Important: postgresql:15 security update | 1% Низкий | почти 2 года назад | |
| RLSA-2024:0956 Important: postgresql:10 security update | 1% Низкий | почти 2 года назад | |
| RLSA-2024:0951 Important: postgresql security update | 1% Низкий | больше 1 года назад |
Уязвимостей на страницу