Description
PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors.
Remediation
References
Related Vulnerabilities
Atlassian Jira CVE-2020-4029 Vulnerability (CVE-2020-4029)
MySQL CVE-2024-21212 Vulnerability (CVE-2024-21212)
Oracle Database Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1675)
WordPress Plugin MainWP Child Reports SQL Injection (2.0.7)
WordPress Plugin Coming Soon Multiple Vulnerabilities (1.1.18)