vulnerability
PostgreSQL class C vulnerability in contrib module: CVE-2016-0766
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:L/Au:S/C:C/I:C/A:C) | Feb 12, 2016 | Feb 12, 2016 | Nov 27, 2024 |
Severity
9
CVSS
(AV:N/AC:L/Au:S/C:C/I:C/A:C)
Published
Feb 12, 2016
Added
Feb 12, 2016
Modified
Nov 27, 2024
Description
PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors.
Solutions
postgres-upgrade-9_1_20postgres-upgrade-9_2_15postgres-upgrade-9_3_11postgres-upgrade-9_4_6postgres-upgrade-9_5_1
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.