CVSS: 7.2EPSS: 0%CPEs: 9EXPL: 0CVE-2023-2454 – postgresql: schema_element defeats protective search_path changes
https://notcve.org/view.php?id=CVE-2023-2454
schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code. A flaw was found in PostgreSQL. Certain database calls could permit an attacker with elevated database-level privileges to execute arbitrary code. • https://access.redhat.com/security/cve/CVE-2023-2454 https://security.netapp.com/advisory/ntap-20230706-0006 https://www.postgresql.org/support/security/CVE-2023-2454 https://bugzilla.redhat.com/show_bug.cgi?id=2207568 • CWE-20: Improper Input Validation •
CVSS: 5.4EPSS: 0%CPEs: 9EXPL: 0CVE-2023-2455 – postgresql: row security policies disregard user ID changes after inlining.
https://notcve.org/view.php?id=CVE-2023-2455
Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy. A flaw was found in PostgreSQL, which could permit incorrect policies being applied in certain cases where role-specific policies are used and a given query is planned under one role and executed under other roles. • https://access.redhat.com/security/cve/CVE-2023-2455 https://security.netapp.com/advisory/ntap-20230706-0006 https://www.postgresql.org/support/security/CVE-2023-2455 https://bugzilla.redhat.com/show_bug.cgi?id=2207569 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-0241
https://notcve.org/view.php?id=CVE-2023-0241
pgAdmin 4 versions prior to v6.19 contains a directory traversal vulnerability. A user of the product may change another user's settings or alter the database. • https://github.com/pgadmin-org/pgadmin4/issues/5734 https://jvn.jp/en/jp/JVN01398015 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 3.7EPSS: 0%CPEs: 9EXPL: 0CVE-2022-41862 – postgresql: Client memory disclosure when connecting with Kerberos to modified server
https://notcve.org/view.php?id=CVE-2022-41862
In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes. A flaw was found In PostgreSQL. A modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions, a server can cause a libpq client to over-read and report an error message containing uninitialized bytes. • https://bugzilla.redhat.com/show_bug.cgi?id=2165722 https://security.netapp.com/advisory/ntap-20230427-0002 https://www.postgresql.org/support/security/CVE-2022-41862 https://access.redhat.com/security/cve/CVE-2022-41862 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0CVE-2022-4223
https://notcve.org/view.php?id=CVE-2022-4223
The pgAdmin server includes an HTTP API that is intended to be used to validate the path a user selects to external PostgreSQL utilities such as pg_dump and pg_restore. The utility is executed by the server to determine what PostgreSQL version it is from. Versions of pgAdmin prior to 6.17 failed to properly secure this API, which could allow an unauthenticated user to call it with a path of their choosing, such as a UNC path to a server they control on a Windows machine. This would cause an appropriately named executable in the target path to be executed by the pgAdmin server. El servidor pgAdmin incluye una API HTTP diseñada para validar la ruta que un usuario selecciona a las utilidades externas de PostgreSQL, como pg_dump y pg_restore. • https://github.com/pgadmin-org/pgadmin4/issues/5593 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R5EYTPKHVFSDCETBJI7LBZE4EYHBPN2Q • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-862: Missing Authorization •