PostgreSQL Multiple Vulnerabilities

Last Update Date: 13 Aug 2018 10:44 Release Date: 13 Aug 2018 4147 Views

RISK: Medium Risk

TYPE: Servers - Database Servers

Multiple vulnerabilities have been identified in PostgreSQL. A remote attacker can exploit these vulnerabilities to perform elevation of privilege and disclose sensitive information on the targeted system.

Impact

Elevation of Privilege
Information Disclosure

System / Technologies affected

PostgreSQL-9.6

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

The vendor has issued a fix:

https://www.postgresql.org/about/news/1878/

Vulnerability Identifier

CVE-2018-10915
CVE-2018-10925

Source

AusCERT