Multiple vulnerabilities in PostgreSQL

Описание

Multiple vulnerabilities were found in PostgreSQL. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. A code execution vulnerability in psql session can be exploited to execute arbitrary code.
2. An information disclosure vulnerability in client applications can be exploited to obtain sensitive information.
3. A security bypass vulnerability can be exploited to execute arbitrary code.

Первичный источник обнаружения

• PostgreSQL News
  

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• PostgreSQL

Список CVE

• CVE-2020-25696
  critical
• CVE-2020-25694
  critical
• CVE-2020-25695
  critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com