vulnerability
Amazon Linux AMI 2: CVE-2021-3393: Security patch for postgresql (ALASPOSTGRESQL12-2023-004)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:S/C:P/I:N/A:N) | Apr 1, 2021 | Sep 28, 2023 | Sep 28, 2023 |
Severity
4
CVSS
(AV:N/AC:M/Au:S/C:P/I:N/A:N)
Published
Apr 1, 2021
Added
Sep 28, 2023
Modified
Sep 28, 2023
Description
An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. A user having UPDATE permission but not SELECT permission to a particular column could craft queries which, under some circumstances, might disclose values from that column in error messages. An attacker could use this flaw to obtain information stored in a column they are allowed to write but not read.
Solutions
amazon-linux-ami-2-upgrade-postgresqlamazon-linux-ami-2-upgrade-postgresql-contribamazon-linux-ami-2-upgrade-postgresql-debuginfoamazon-linux-ami-2-upgrade-postgresql-docsamazon-linux-ami-2-upgrade-postgresql-llvmjitamazon-linux-ami-2-upgrade-postgresql-plperlamazon-linux-ami-2-upgrade-postgresql-plpython2amazon-linux-ami-2-upgrade-postgresql-plpython3amazon-linux-ami-2-upgrade-postgresql-pltclamazon-linux-ami-2-upgrade-postgresql-serveramazon-linux-ami-2-upgrade-postgresql-server-develamazon-linux-ami-2-upgrade-postgresql-staticamazon-linux-ami-2-upgrade-postgresql-testamazon-linux-ami-2-upgrade-postgresql-test-rpm-macrosamazon-linux-ami-2-upgrade-postgresql-upgradeamazon-linux-ami-2-upgrade-postgresql-upgrade-devel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.