FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

PostgreSQL server -- Potentially allowing authenicated database users to see data that they shouldn't.

Affected packages
postgresql-server < 16.3
postgresql-server < 15.7
postgresql-server < 14.12


VuXML ID d53c30c1-0d7b-11ef-ba02-6cc21735f730
Discovery 2024-05-09
Entry 2024-05-09

PostgreSQL project reports:

A security vulnerability was found in the system views pg_stats_ext and pg_stats_ext_exprs, potentially allowing authenticated database users to see data they shouldn't. If this is of concern in your installation, run the SQL script /usr/local/share/postgresql/fix-CVE-2024-4317.sql for each of your databases. See the link for details.


CVE Name CVE-2024-4317