VYPR
Unrated severityNVD Advisory· Published Oct 29, 2019· Updated Aug 4, 2024

CVE-2019-10208

CVE-2019-10208

Description

A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5.x before 9.5.19, 9.6.x before 9.6.15, 10.x before 10.10 and 11.x before 11.5 where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE permission on the function, can execute arbitrary SQL as the owner of the function.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

49

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.