Vulnerability & Exploit Database

Back to search

PostgreSQL class Uncontrolled search path element in pg_dump and other client applications vulnerability in client: CVE-2018-1058

Severity CVSS Published Added Modified
7 (AV:N/AC:L/Au:S/C:P/I:P/A:P) March 02, 2018 March 02, 2018 August 30, 2018

Description

A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

 Free InsightVM Trial

References

Solution

postgres-upgrade-10_3

Related Vulnerabilities