all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

USN-6296-1: PostgreSQL vulnerabilities

Add to bookmarks
Aug. 17, 2023, 11:56 a.m. |

Ubuntu security notices ubuntu.com

It was discovered that PostgreSQL incorrectly handled certain extension
script substitutions. An attacker having database-level CREATE privileges
can use this issue to execute arbitrary code as the bootstrap superuser.
(CVE-2023-39417)

It was discovered that PostgreSQL incorrectly handled the MERGE command. A
remote attacker could possibly use this issue to bypass certain UPDATE and
SELECT policies. This issue only affected Ubuntu 23.04. (CVE-2023-39418)

bypass code command cve database extension issue merge policies postgresql privileges script select update usn vulnerabilities

Visit resource

More from ubuntu.com / Ubuntu security notices

USN-6757-2: PHP vulnerabilities 3 days, 5 hours ago | ubuntu.com
advisory arbitrary code attacker code +15
USN-6762-1: GNU C Library vulnerabilities 3 days, 8 hours ago | ubuntu.com
arbitrary code attacker attackers code +14
USN-6747-2: Firefox regressions 3 days, 18 hours ago | ubuntu.com
advisory attacker denial of service domains +14
USN-6760-1: Gerbv vulnerability 4 days, 23 hours ago | ubuntu.com
application attacker crash data +10
LSN-0103-1: Kernel Live Patch Security Notice 5 days, 10 hours ago | ubuntu.com
attacker con cve data +21
USN-6758-1: JSON5 vulnerability 5 days, 10 hours ago | ubuntu.com
access application attacker denial of service +12
USN-6761-1: Anope vulnerability 5 days, 14 hours ago | ubuntu.com
accounts attacker changing credentials +7
USN-6759-1: FreeRDP vulnerabilities 6 days, 4 hours ago | ubuntu.com
attacker crash denial of service issue +7
USN-6757-1: PHP vulnerabilities 6 days, 7 hours ago | ubuntu.com
arbitrary code attacker code cookie +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Analyst

@ Northwestern Memorial Healthcare | Chicago, IL, United States
View on infosec-jobs.com

GRC Analyst

@ Richemont | Shelton, CT, US
View on infosec-jobs.com

Security Specialist

@ Peraton | Government Site, MD, United States
View on infosec-jobs.com

Information Assurance Security Specialist (IASS)

@ OBXtek Inc. | United States
View on infosec-jobs.com

Cyber Security Technology Analyst

@ Airbus | Bengaluru (Airbus)
View on infosec-jobs.com

Vice President, Cyber Operations Engineer

@ BlackRock | LO9-London - Drapers Gardens
View on infosec-jobs.com
View more jobs