PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Postgresql | Postgresql | 9.5 | 9.5 |
Postgresql | Postgresql | 9.2 | * |
Postgresql | Postgresql | 9.4 | * |
Postgresql | Postgresql | 9.3 | * |
Postgresql | Postgresql | 9.1.0 | * |