First published: Thu May 09 2024(Updated: )
All versions of EnterpriseDB Postgres Advanced Server (EPAS) from 15.0 prior to 15.7.0 and from 16.0 prior to 16.3.0 may allow users using edbldr to bypass role permissions from pg_read_server_files. This could allow low privilege users to read files to which they would not otherwise have access.
Credit: 20be33e2-bf35-4d13-8fad-18bd2f3e3659
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.