A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Postgresql | Postgresql | 9.3 (including) | 9.3.22 (excluding) |
Postgresql | Postgresql | 9.4 (including) | 9.4.17 (excluding) |
Postgresql | Postgresql | 9.5 (including) | 9.5.12 (excluding) |
Postgresql | Postgresql | 9.6 (including) | 9.6.8 (excluding) |
Postgresql | Postgresql | 10.0 (including) | 10.3 (excluding) |