Multiple vulnerabilities in PostgreSQL

Description

Multiple vulnerabilities were found in PostgreSQL. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. Information disclosure vulnerability in Core server can be exploited remotely to obtain sensitive information.
2. Remote code execution vulnerability in Core server can be exploited remotely to execute arbitrary code.

Original advisories

• PostgreSQL: CVE-2023-2454

• PostgreSQL: CVE-2023-2455

Related products

• PostgreSQL

CVE list

• CVE-2023-2455
  high
• CVE-2023-2454
  high

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com