vulnerability

FreeBSD: VID-E66A5440-7258-11E9-B0E1-6CC21735F730 (CVE-2019-10129): PostgreSQL -- Memory disclosure in partition routing

Severity
4
CVSS
(AV:N/AC:L/Au:S/C:P/I:N/A:N)
Published
May 9, 2019
Added
May 11, 2019
Modified
Aug 6, 2019

Description

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.


From VID-E66A5440-7258-11E9-B0E1-6CC21735F730:




The PostgreSQL project reports:




Prior to this release, a user running PostgreSQL 11 can read


arbitrary bytes of server memory by executing a purpose-crafted


INSERT statement to a partitioned table.





Solution

freebsd-upgrade-package-postgresql11-server
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.