Lucene search
FreeBSDFBB5A260-F00F-11ED-BBAE-6CC21735F730HistoryMay 11, 2023 - 12:00 a.m.
postgresql-server -- CREATE SCHEMA ... schema elements defeats protective search_path changes
2023-05-1100:00:00
vuxml.freebsd.org
27
postgresql
schema elements
search_path
privilege escalation
unix
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.003 Low
EPSS
Percentile
68.9%
PostgreSQL Project reports
This enabled an attacker having database-level CREATE
privilege to execute arbitrary code as the bootstrap
superuser. Database owners have that right by default,
and explicit grants may extend it to other users.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| FreeBSD | any | noarch | postgresql-server | < 15.3 | UNKNOWN |
Related
osv
osv
postgresql-9.5 vulnerability
2023-07-13 17:55:44
CVE-2023-2454
2023-06-09 19:15:09
BIT-postgresql-2023-2454
2024-03-06 11:03:35
cvelist
cvelist
CVE-2023-2454
2023-06-09 00:00:00
debiancve
debiancve
CVE-2023-2454
2023-06-09 19:15:09
alpinelinux
alpinelinux
CVE-2023-2454
2023-06-09 19:15:09
nessus
nessus
ubuntu
ubuntu
PostgreSQL vulnerability
2023-07-13 00:00:00
PostgreSQL vulnerabilities
2023-05-24 00:00:00
veracode
veracode
Arbitrary Code Execution
2023-06-07 01:36:40
nvd
nvd
CVE-2023-2454
2023-06-09 19:15:09
ibm
ibm
Security Bulletin: IBM Connect:Direct Web Services vulnerable to sensitive information exposure due to PostgreSQL (CVE-2023-2454)
2023-08-19 17:43:01
redhatcve
redhatcve
CVE-2023-2454
2023-05-16 11:23:30
CVE-2023-26125
2023-05-15 08:51:35
amazon
amazon
Important: postgresql92
2023-06-05 16:39:00
Important: postgresql
2024-02-15 03:52:00
ubuntucve
ubuntucve
CVE-2023-2454
2023-05-12 00:00:00
prion
prion
Code injection
2023-06-09 19:15:00
cve
cve
CVE-2023-2454
2023-06-09 19:15:09
openvas
openvas
Ubuntu: Security Advisory (USN-6230-1)
2023-07-14 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:2200-1)
2023-05-16 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:2202-1)
2023-05-16 00:00:00
debian
debian
[SECURITY] [DLA 3422-1] postgresql-11 security update
2023-05-15 09:06:12
[SECURITY] [DSA 5401-1] postgresql-13 security update
2023-05-11 16:36:32
almalinux
almalinux
Moderate: postgresql:15 security update
2023-07-31 00:00:00
Moderate: postgresql security update
2023-06-21 00:00:00
Moderate: postgresql:13 security update
2023-08-08 00:00:00
rocky
rocky
postgresql:10 security update
2023-08-28 18:40:52
postgresql:13 security update
2023-10-06 23:10:12
postgresql:15 security update
2023-08-08 12:35:00
cloudfoundry
cloudfoundry
USN-6104-1: PostgreSQL vulnerabilities | Cloud Foundry
2023-06-30 00:00:00
redhat
redhat
(RHSA-2023:3714) Moderate: postgresql security update
2023-06-21 13:52:09
(RHSA-2023:4527) Moderate: postgresql:13 security update
2023-08-08 07:21:35
(RHSA-2023:4327) Moderate: postgresql:15 security update
2023-07-31 08:41:19
oraclelinux
oraclelinux
postgresql:15 security update
2023-09-20 00:00:00
postgresql security update
2023-06-22 00:00:00
postgresql:13 security update
2023-08-10 00:00:00
mageia
mageia
Updated postgresql packages fix security vulnerability
2023-05-31 09:41:32
kaspersky
kaspersky
KLA49176 Multiple vulnerabilities in PostgreSQL
2023-05-11 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0394
2023-05-19 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2359
2024-02-27 09:01:10
redos
redos
ROS-20240329-12
2024-03-29 00:00:00
ROS-20240329-11
2024-03-29 00:00:00
hp
hp
HP Device Manager Vulnerability Update (5.0.12)
2024-01-26 00:00:00
ics
ics
Siemens SINEC NMS
2024-02-15 12:00:00
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.003 Low
EPSS
Percentile
68.9%
Related for FBB5A260-F00F-11ED-BBAE-6CC21735F730