 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2019-10208 |
| Description: | A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5.x before 9.5.19, 9.6.x before 9.6.15, 10.x before 10.10 and 11.x before 11.5 where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE permission on the function, can execute arbitrary SQL as the owner of the function. |
| Test IDs: | 1.3.6.1.4.1.25623.1.1.4.2019.2707.1 1.3.6.1.4.1.25623.1.1.2.2019.2090 1.3.6.1.4.1.25623.1.0.852687 1.3.6.1.4.1.25623.1.1.4.2019.2228.1 1.3.6.1.4.1.25623.1.1.4.2019.2159.1 1.3.6.1.4.1.25623.1.1.4.2019.2158.1 1.3.6.1.4.1.25623.1.0.704492 1.3.6.1.4.1.25623.1.0.891874 |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2019-10208 https://www.postgresql.org/about/news/1960/ SuSE Security Announcement: openSUSE-SU-2020:1227 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00043.html |