Row security policies disregard user ID changes after inlining. PostgreSQL could apply an incorrect policy in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions, or when a common user and query are planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy.

Name | Vendor | Start Version | End Version |
---|---|---|---|
Postgresql | Postgresql | 11.0 (including) | 11.20 (excluding) |
Postgresql | Postgresql | 12.0 (including) | 12.15 (excluding) |
Postgresql | Postgresql | 13.0 (including) | 13.11 (excluding) |
Postgresql | Postgresql | 14.0 (including) | 14.8 (excluding) |
Postgresql | Postgresql | 15.0 (including) | 15.3 (excluding) |
Postgresql | Ubuntu | trusty | * |
Postgresql | Ubuntu | xenial | * |
Postgresql-10 | Ubuntu | bionic | * |
Postgresql-12 | Ubuntu | focal | * |
Postgresql-12 | Ubuntu | trusty | * |
Postgresql-14 | Ubuntu | jammy | * |
Postgresql-14 | Ubuntu | kinetic | * |
Postgresql-15 | Ubuntu | lunar | * |
Postgresql-15 | Ubuntu | trusty | * |
Postgresql-15 | Ubuntu | xenial | * |
Postgresql-9.1 | Ubuntu | trusty | * |
Postgresql-9.3 | Ubuntu | trusty | * |
Postgresql-9.5 | Ubuntu | esm-infra/xenial | * |
Postgresql-9.5 | Ubuntu | xenial | * |
Red Hat Enterprise Linux 8 | RedHat | postgresql:13-8080020230613131941.63b34585 | * |
Red Hat Enterprise Linux 8 | RedHat | postgresql:12-8080020230717103820.63b34585 | * |
Red Hat Enterprise Linux 8 | RedHat | postgresql:10-8080020230720123941.63b34585 | * |
Red Hat Enterprise Linux 8 | RedHat | postgresql:15-8080020230803085541.63b34585 | * |
Red Hat Enterprise Linux 8.2 Advanced Update Support | RedHat | postgresql:12-8020020231128165246.4cda2c84 | * |
Red Hat Enterprise Linux 8.2 Telecommunications Update Service | RedHat | postgresql:12-8020020231128165246.4cda2c84 | * |
Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions | RedHat | postgresql:12-8020020231128165246.4cda2c84 | * |
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | RedHat | postgresql:12-8040020231127153301.522a0ee4 | * |
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | RedHat | postgresql:13-8040020231127154806.522a0ee4 | * |
Red Hat Enterprise Linux 8.4 Telecommunications Update Service | RedHat | postgresql:12-8040020231127153301.522a0ee4 | * |
Red Hat Enterprise Linux 8.4 Telecommunications Update Service | RedHat | postgresql:13-8040020231127154806.522a0ee4 | * |
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | RedHat | postgresql:12-8040020231127153301.522a0ee4 | * |
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | RedHat | postgresql:13-8040020231127154806.522a0ee4 | * |
Red Hat Enterprise Linux 8.6 Extended Update Support | RedHat | postgresql:13-8060020231114115246.ad008a3a | * |
Red Hat Enterprise Linux 8.6 Extended Update Support | RedHat | postgresql:12-8060020231128165328.ad008a3a | * |
Red Hat Enterprise Linux 9 | RedHat | postgresql-0:13.11-1.el9_2 | * |
Red Hat Enterprise Linux 9 | RedHat | postgresql:15-9020020230619032405.rhel9 | * |
Red Hat Enterprise Linux 9.0 Extended Update Support | RedHat | postgresql-0:13.13-1.el9_0 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7 | RedHat | rh-postgresql12-postgresql-0:12.15-1.el7 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7 | RedHat | rh-postgresql13-postgresql-0:13.13-1.el7 | * |
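
A triage query for the condition described above, added here as an example and not taken from the advisory or from PostgreSQL: it lists role-specific policies, compares the server version with the upstream PostgreSQL ranges in the table, and lists security definer functions to review. It assumes an upstream build whose `server_version_num` maps directly onto those ranges; for distribution packages, use the vendor rows instead.

```sql
-- Added example. Run in each database that may use row security.
-- first_fixed encodes the "End Version (excluding)" column of the
-- upstream rows as server_version_num (major * 10000 + minor).
WITH v AS (
    SELECT current_setting('server_version_num')::int AS num
),
fixed(major, first_fixed) AS (
    VALUES (11, 110020), (12, 120015), (13, 130011),
           (14, 140008), (15, 150003)
)
SELECT p.schemaname,
       p.tablename,
       p.policyname,
       p.roles,                       -- roles the policy is restricted to
       p.cmd,                         -- SELECT / INSERT / UPDATE / DELETE / ALL
       c.relrowsecurity AS rls_enabled,
       -- true  = server is inside a listed affected range
       -- false = server is at or past the first fixed minor release
       -- NULL  = major version is not among the listed ranges
       (SELECT v.num < f.first_fixed
          FROM fixed f
         WHERE f.major = v.num / 10000) AS in_affected_range
FROM pg_policies p
JOIN pg_namespace n ON n.nspname = p.schemaname
JOIN pg_class c ON c.relnamespace = n.oid
               AND c.relname = p.tablename
CROSS JOIN v
-- A policy created without a TO clause applies to PUBLIC; anything else
-- is role-specific, which is the case the description is about.
WHERE p.roles <> '{public}'::name[]
ORDER BY p.schemaname, p.tablename, p.policyname;

-- Security definer functions outside the system schemas: queries inside
-- them run under the function owner's role, one of the two scenarios
-- the description names.
SELECT f.oid::regprocedure       AS function_signature,
       f.proowner::regrole       AS owner
FROM pg_proc f
WHERE f.prosecdef
  AND f.pronamespace::regnamespace::text
      NOT IN ('pg_catalog', 'information_schema')
ORDER BY 1;
```

If the first query returns no rows, the database has no role-specific policies defined with CREATE POLICY.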