Note:
This project will be discontinued after December 13, 2021. [more]
2018-03-02
A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected.
| Products | Ubuntu_linux, Postgresql, Cloudforms |
| Type | ? (NVD-CWE-noinfo) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://access.redhat.com/errata/RHSA-2018:3816
• https://www.postgresql.org/about/news/1834/ • https://bugzilla.redhat.com/show_bug.cgi?id=1547044 • http://www.securityfocus.com/bid/103221 • https://usn.ubuntu.com/3589-1/ |