A flaw was found in postgresql. Using an UPDATE … RETURNING command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality.
[
{
"product": "postgresql",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "postgresql 13.3, postgresql 12.7, postgresql 11.12"
}
]
}
]