CVE-2018-1058
N/A
N/A
Summary
A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| The PostgreSQL Global Development Group | postgresql | 9.3 - 10 | affected |
Weaknesses
- CWE-20: CWE-20
ADP Enrichment
CVE Program Container
Additional References
- https://bugzilla.redhat.com/show_bug.cgi?id=1547044
- https://usn.ubuntu.com/3589-1/
- http://www.securityfocus.com/bid/103221
- https://www.postgresql.org/about/news/1834/
- https://access.redhat.com/errata/RHSA-2018:2511
- https://access.redhat.com/errata/RHSA-2018:2566
- https://access.redhat.com/errata/RHSA-2018:3816
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1547044
- https://usn.ubuntu.com/3589-1/
- http://www.securityfocus.com/bid/103221
- https://www.postgresql.org/about/news/1834/
- https://access.redhat.com/errata/RHSA-2018:2511
- https://access.redhat.com/errata/RHSA-2018:2566
- https://access.redhat.com/errata/RHSA-2018:3816
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.