CVE-2023-39417
published 2023-08-11CVE-2023-39417: IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | postgresql-13 | < postgresql-13 13.13-0+deb11u1 (bullseye) | postgresql-13 13.13-0+deb11u1 (bullseye) |
| debian | postgresql-15 | < postgresql-13 13.13-0+deb11u1 (bullseye) | postgresql-13 13.13-0+deb11u1 (bullseye) |
| msrc | cbl2_postgresql_14.10-1_on_cbl_mariner_2.0 | — | — |
| postgresql | postgresql | >= 11.0 < 11.21 | 11.21 |
| postgresql | postgresql | >= 12.0 < 12.16 | 12.16 |
| postgresql | postgresql | >= 13.0 < 13.12 | 13.12 |
| postgresql | postgresql | >= 14.0 < 14.9 | 14.9 |
| postgresql | postgresql | >= 15.0 < 15.4 | 15.4 |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux | — | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv8.8HIGH