Endpoint Vulnerability

PostgreSQL: lo_put() function ignores ACLs

Description

An authorization flaw was found in the way PostgreSQL handled large objects. A remote, authenticated attacker with no privileges on a large object could potentially use this flaw to overwrite the entire content of the object, thus resulting in denial of service.

Affected Products

PostgreSQL

References

CVE-2017-7548,