Дата обнаружения
|
09/08/2018 |
Уровень угрозы
|
Warning |
Описание
|
Multiple serious vulnerabilities were found in PostgreSQL. Malicious users can exploit these vulnerabilities to bypass security restrictions and obtain sensitive information. Below is a complete list of vulnerabilities:
Technical details Attacker with «CREATE TABLE» privileges can exploit this to read arbitrary bytes server memory. If the attacker also have «INSERT» and «UPDATE» privileges to a particular table, the can exploit this to update other columns in this table |
Пораженные продукты
|
PostgreSQL 10.x earlier than 10.5 |
Решение
|
Update to the latest version |
Первичный источник обнаружения
|
POSTGRESQL 10.5, 9.6.10, 9.5.14, 9.4.19, 9.3.24, AND 11 BETA 3 RELEASED! |
Оказываемое влияние
?
|
OSI
[?]
SB
[?]
|
Связанные продукты
|
PostgreSQL |
CVE-IDS
|
|
Узнай статистику распространения уязвимостей в твоем регионе |