virus logo FortiClient Vulnerability

PostgreSQL: selectivity estimators bypass SELECT privilege checks

description-logoDescription

It was found that some selectivity estimation functions did not check user privileges before providing information from pg_statistic, possibly leaking information. A non-administrative database user could use this flaw to steal some information from tables they are otherwise not allowed to access.

affected-products-logoAffected Applications

PostgreSQL

CVE References

CVE-2017-7484

Other References

https://access.redhat.com/security/cve/CVE-2017-7484
ID 36154
Created Dec 09, 2021
Description
Updated		 Feb 16, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS MacOS
Vendor PostgreSQL
Patch manual
Application PostgreSQL