Endpoint Vulnerability

PostgreSQL: Constraint violation errors can cause display of values in columns which the user would not normally have rights to see.

Description

An information leak flaw was found in the wathe PostgreSQL database server handled certain error messages. An authenticated database user could possibly obtain the results of a query they did not have privileges to execute by observing the constraint violation error messages produced when the query was executed.

Affected Products

PostgreSQL

References

CVE-2014-8161,