Detect date
?
|
04/11/2016 |
Severity
?
|
Critical |
Description
|
Multiple serious vulnerabilities have been found in PostgreSQL. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information or cause denial of service. Below is a complete list of vulnerabilities
Technical details Vulnerability (1) related to brin_page_type and brin_metapage_info functions in the pageinspect extension. This vulnerability can be exploited via a specially designed bytea value in a BRIN index page. Vulnerability (2) related to maintenance of row-security status in cached plans. This vulnerability can be exploited via leveraging session that perform queries as more than one role. |
Affected products
|
PostgreSQL 9.5 versions earlier than 9.5.2 |
Solution
|
Update to the latest version |
Original advisories
|
|
Impacts
?
|
OSI [?] DoS [?] SB [?] |
Related products
|
PostgreSQL |
CVE-IDS
?
|
|
Find out the statistics of the vulnerabilities spreading in your region |