exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

bind:"GHSA-3c6g-7v4g-5xcm" OR bind:"CVE-2024-7348"

exploitDog

bind:"GHSA-3c6g-7v4g-5xcm" OR bind:"CVE-2024-7348"

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 39

Количество 39

GHSA-3c6g-7v4g-5xcm

10 месяцев назад

Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected.

CVSS3: 8.8

EPSS: Низкий

CVE-2024-7348

10 месяцев назад

Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected.

CVSS3: 8.8

EPSS: Низкий

CVE-2024-7348

11 месяцев назад

Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected.

CVSS3: 7.5

EPSS: Низкий

CVE-2024-7348

10 месяцев назад

Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected.

CVSS3: 8.8

EPSS: Низкий

CVE-2024-7348

10 месяцев назад

CVSS3: 7.5

EPSS: Низкий

CVE-2024-7348

10 месяцев назад

Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in Postgr ...

CVSS3: 8.8

EPSS: Низкий

SUSE-SU-2024:3224-1

9 месяцев назад

Security update for postgresql16

EPSS: Низкий

SUSE-SU-2024:3192-1

9 месяцев назад

Security update for postgresql16

EPSS: Низкий

SUSE-SU-2024:3191-1

9 месяцев назад

Security update for postgresql16

EPSS: Низкий

SUSE-SU-2024:3181-1

9 месяцев назад

Security update for postgresql16

EPSS: Низкий

SUSE-SU-2024:3171-1

9 месяцев назад

Security update for postgresql16

EPSS: Низкий

SUSE-SU-2024:3170-1

9 месяцев назад

Security update for postgresql16

EPSS: Низкий

SUSE-SU-2024:3169-1

9 месяцев назад

Security update for postgresql16

EPSS: Низкий

SUSE-SU-2024:3168-1

9 месяцев назад

Security update for postgresql16

EPSS: Низкий

SUSE-SU-2024:3160-1

10 месяцев назад

Security update for postgresql16

EPSS: Низкий

SUSE-SU-2024:3158-3

9 месяцев назад

Security update for postgresql16

EPSS: Низкий

SUSE-SU-2024:3158-2

9 месяцев назад

Security update for postgresql16

EPSS: Низкий

SUSE-SU-2024:3158-1

10 месяцев назад

Security update for postgresql16

EPSS: Низкий

SUSE-SU-2024:3154-1

10 месяцев назад

Security update for postgresql16

EPSS: Низкий

SUSE-SU-2024:3153-1

10 месяцев назад

Security update for postgresql16

EPSS: Низкий

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	GHSA-3c6g-7v4g-5xcm Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected.	CVSS3: 8.8	0% Низкий	10 месяцев назад
	CVE-2024-7348 Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected.	CVSS3: 8.8	0% Низкий	10 месяцев назад
	CVE-2024-7348 Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected.	CVSS3: 7.5	0% Низкий	11 месяцев назад
	CVE-2024-7348 Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected.	CVSS3: 8.8	0% Низкий	10 месяцев назад
	CVE-2024-7348	CVSS3: 7.5	0% Низкий	10 месяцев назад
	CVE-2024-7348 Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in Postgr ...	CVSS3: 8.8	0% Низкий	10 месяцев назад
	SUSE-SU-2024:3224-1 Security update for postgresql16		0% Низкий	9 месяцев назад
	SUSE-SU-2024:3192-1 Security update for postgresql16		0% Низкий	9 месяцев назад
	SUSE-SU-2024:3191-1 Security update for postgresql16		0% Низкий	9 месяцев назад
	SUSE-SU-2024:3181-1 Security update for postgresql16		0% Низкий	9 месяцев назад
	SUSE-SU-2024:3171-1 Security update for postgresql16		0% Низкий	9 месяцев назад
	SUSE-SU-2024:3170-1 Security update for postgresql16		0% Низкий	9 месяцев назад
	SUSE-SU-2024:3169-1 Security update for postgresql16		0% Низкий	9 месяцев назад
	SUSE-SU-2024:3168-1 Security update for postgresql16		0% Низкий	9 месяцев назад
	SUSE-SU-2024:3160-1 Security update for postgresql16		0% Низкий	10 месяцев назад
	SUSE-SU-2024:3158-3 Security update for postgresql16		0% Низкий	9 месяцев назад
	SUSE-SU-2024:3158-2 Security update for postgresql16		0% Низкий	9 месяцев назад
	SUSE-SU-2024:3158-1 Security update for postgresql16		0% Низкий	10 месяцев назад
	SUSE-SU-2024:3154-1 Security update for postgresql16		0% Низкий	10 месяцев назад
	SUSE-SU-2024:3153-1 Security update for postgresql16		0% Низкий	10 месяцев назад

Уязвимостей на страницу