vulnerability
PostgreSQL: CVE-2017-7548: lo_put() function ignores ACLs
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:N/I:P/A:N) | Aug 16, 2017 | Aug 17, 2017 | Aug 11, 2025 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:N/I:P/A:N)
Published
Aug 16, 2017
Added
Aug 17, 2017
Modified
Aug 11, 2025
Description
PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers with no privileges on a large object to overwrite the entire contents of the object, resulting in a denial of service.
Solution
postgres-upgrade-9_6_4
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.