CVE-2018-1058

A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:redhat:cloudforms:4.6:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-03-02 15:29

Updated : 2024-02-28 16:25


NVD link : CVE-2018-1058

Mitre link : CVE-2018-1058

CVE.ORG link : CVE-2018-1058


JSON object : View

Products Affected

redhat

  • cloudforms

canonical

  • ubuntu_linux

postgresql

  • postgresql
CWE
NVD-CWE-noinfo CWE-20

Improper Input Validation