The host is installed with PostgreSQL 11.x before 11.12, 12.x before 12.7 or 13.x before 13.3 and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to handle the UPDATE ... RETURNING command on a purpose-crafted table. Successful exploitation allows attackers to make an authenticated database user to read arbitrary bytes of server memory.