FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

PostgreSQL server -- Potentially allowing authenicated database users to see data that they shouldn't.

Affected packages
postgresql-server < 16.3
postgresql-server < 15.7
postgresql-server < 14.12

Details

VuXML ID d53c30c1-0d7b-11ef-ba02-6cc21735f730
Discovery 2024-05-09
Entry 2024-05-09

PostgreSQL project reports:

A security vulnerability was found in the system views pg_stats_ext and pg_stats_ext_exprs, potentially allowing authenticated database users to see data they shouldn't. If this is of concern in your installation, run the SQL script /usr/local/share/postgresql/fix-CVE-2024-4317.sql for each of your databases. See the link for details.

[source]

References

CVE Name CVE-2024-4317
URL https://www.postgresql.org/support/security/CVE-2024-4317/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.