DSA-5622-1 postgresql-13 -- postgresql-13ID: oval:org.secpod.oval:def:98520 | Date: (C)2024-03-19 (M)2024-03-25 |
Class: PATCH | Family: unix |
It was discovered that a late privilege drop in the REFRESH MATERIALIZED VIEW CONCURRENTLY command could allow an attacker to trick a user with higher privileges to run SQL commands with these permissions.
Product: |
postgresql-server-dev-13 |
libecpg6 |
libpq-dev |
postgresql-pltcl-13 |
libpgtypes3 |
postgresql-plperl-13 |
postgresql-13 |
libecpg-dev |
postgresql-plpython3-13 |
libpq5 |
postgresql-doc-13 |
postgresql-client-13 |
libecpg-compat3 |