DSA-5623-1 postgresql-15 -- postgresql-15| ID: oval:org.secpod.oval:def:98518 | Date: (C)2024-03-19 (M)2024-03-25 |
| Class: PATCH | Family: unix |
It was discovered that a late privilege drop in the REFRESH MATERIALIZED VIEW CONCURRENTLY command could allow an attacker to trick a user with higher privileges to run SQL commands with these permissions.
| Product: |
| postgresql-server-dev-15 |
| libpq-dev |
| libecpg6 |
| libpq5 |
| libpgtypes3 |
| postgresql-plpython3-15 |
| libecpg-dev |
| postgresql-15 |
| postgresql-plperl-15 |
| postgresql-pltcl-15 |
| postgresql-client-15 |
| libecpg-compat3 |
| postgresql-doc-15 |
