KLA11202
PE vulnerabilities in PostgreSQL

Updated: 06/03/2020
Detect date
?
01/03/2018
Severity
?
Critical
Description

A vulnerabilyty was found in PostgreSQL. This vulnerability allow a user to modify the behavior of a query for other users and can be exploited to execute code with the permissions of superuser in the database.

Affected products

PostgreSQL 9.6 versions earlier than 9.6.8 
PostgreSQL 9.5 versions earlier than 9.5.12 
PostgreSQL 9.4 versions earlier than 9.4.17 
PostgreSQL 9.3 versions earlier than 9.3.22 
PostgreSQL 10 versions earlier than 10.3
PostgreSQL 9.6 versions earlier than 9.6.8 
PostgreSQL 9.5 versions earlier than 9.5.12 
PostgreSQL 9.4 versions earlier than 9.4.17 
PostgreSQL 9.3 versions earlier than 9.3.22 
PostgreSQL 10 versions earlier than 10.3

Solution

Protect PostgreSQL installations
A Guide to CVE-2018-1058: Protect Your Search Path

Original advisories

Security Update Release

Impacts
?
PE 
[?]
Related products
PostgreSQL
CVE-IDS
?
Find out the statistics of the vulnerabilities spreading in your region