vulnerability
FreeBSD: VID-E66A5440-7258-11E9-B0E1-6CC21735F730 (CVE-2019-10129): PostgreSQL -- Memory disclosure in partition routing
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
4 | (AV:N/AC:L/Au:S/C:P/I:N/A:N) | May 9, 2019 | May 11, 2019 | Aug 6, 2019 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:P/I:N/A:N)
Published
May 9, 2019
Added
May 11, 2019
Modified
Aug 6, 2019
Description
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.
From VID-E66A5440-7258-11E9-B0E1-6CC21735F730:
The PostgreSQL project reports:
Prior to this release, a user running PostgreSQL 11 can read
arbitrary bytes of server memory by executing a purpose-crafted
INSERT statement to a partitioned table.
Solution
freebsd-upgrade-package-postgresql11-server
References

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.