rpm package
suse/postgresql15&distro=SUSE Linux Enterprise Server 12 SP4-ESPOS
pkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-ESPOS
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-2455 | — | < 15.3-3.9.1 | 15.3-3.9.1 | Jun 9, 2023 | Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happe | ||
| CVE-2023-2454 | — | < 15.3-3.9.1 | 15.3-3.9.1 | Jun 9, 2023 | schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code. |
- CVE-2023-2455Jun 9, 2023affected < 15.3-3.9.1fixed 15.3-3.9.1
Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happe
- CVE-2023-2454Jun 9, 2023affected < 15.3-3.9.1fixed 15.3-3.9.1
schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code.