Unrated severityNVD Advisory· Published Apr 24, 2007· Updated Jun 16, 2026
CVE-2007-2138
CVE-2007-2138
Description
Untrusted search path vulnerability in PostgreSQL before 7.3.19, 7.4.x before 7.4.17, 8.0.x before 8.0.13, 8.1.x before 8.1.9, and 8.2.x before 8.2.4 allows remote authenticated users, when permitted to call a SECURITY DEFINER function, to gain the privileges of the function owner, related to "search_path settings."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*range: <7.3.19
- (no CPE)range: <7.3.19, <7.4.17, <8.0.13, <8.1.9, <8.2.4
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*+ 2 more
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
31- www.postgresql.org/about/news.791nvdPatchVendor Advisory
- www.postgresql.org/support/security.htmlnvdPatchVendor Advisory
- rhn.redhat.com/errata/RHSA-2007-0336.htmlnvdThird Party Advisory
- secunia.com/advisories/24989nvdThird Party Advisory
- secunia.com/advisories/24999nvdThird Party Advisory
- secunia.com/advisories/25005nvdThird Party Advisory
- secunia.com/advisories/25019nvdThird Party Advisory
- secunia.com/advisories/25037nvdThird Party Advisory
- secunia.com/advisories/25058nvdThird Party Advisory
- secunia.com/advisories/25184nvdThird Party Advisory
- secunia.com/advisories/25238nvdThird Party Advisory
- secunia.com/advisories/25334nvdThird Party Advisory
- secunia.com/advisories/25717nvdThird Party Advisory
- secunia.com/advisories/25720nvdThird Party Advisory
- secunia.com/advisories/25725nvdThird Party Advisory
- security.gentoo.org/glsa/glsa-200705-12.xmlnvdThird Party Advisory
- support.avaya.com/elmodocs2/security/ASA-2007-190.htmnvdThird Party Advisory
- www.debian.org/security/2007/dsa-1309nvdThird Party Advisory
- www.debian.org/security/2007/dsa-1311nvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2007-0337.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/23618nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/usn-454-1nvdThird Party Advisory
- www.vupen.com/english/advisories/2007/1497nvdThird Party Advisory
- www.vupen.com/english/advisories/2007/1549nvdThird Party Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/33842nvdThird Party AdvisoryVDB Entry
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10090nvdThird Party Advisory
- sunsolve.sun.com/search/document.donvdBroken Link
- www.trustix.org/errata/2007/0015/nvdBroken Link
- issues.rpath.com/browse/RPL-1292nvdBroken Link
News mentions
0No linked articles in our index yet.