Multiple vulnerabilities in PostgreSQL

Описание

Multiple vulnerabilities were found in PostgreSQL. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. A vulnerability in PostgreSQL can be exploited via reading the most common values of certain columns to bypass security restrictions;
2. A vulnerability in PostgreSQL can be exploited via reading arbitrary data directory files to execute arbitrary code;
3. A vulnerability in PostgreSQL can be exploited via reading arbitrary bytes of server memory to obtain sensitive information;

Первичный источник обнаружения

• PostgreSQL 11.3, 10.8, 9.6.13, 9.5.17, and 9.4.22 Released!
  

Связанные продукты

• PostgreSQL

Список CVE

• CVE-2019-10130
  warning
• CVE-2019-10128
  warning
• CVE-2019-10127
  warning
• CVE-2019-10129
  warning

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com