Description
SQL injection vulnerability in PostreSQL. Malicious users can exploit this vulnerability via running arbitrary SQL statements with superuser privileges when a superuser runs pg_upgrade on the database or during a pg_dump dump/restore cycle to bypass security restrictions.
Original advisories
Related products
CVE list
- CVE-2018-16850 critical
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!