From: Marc Deslauriers
Date: Feb 18, 2020 10:08PM
It was discovered that PostgreSQL incorrectly performed authorization
checks when handling the "ALTER ... DEPENDS ON EXTENSION" sub-commands. A
remote attacker could possibly use this issue to drop any function,
procedure, materialized view, index, or trigger under certain conditions.
References:
https://usn.ubuntu.com/4282-1
CVE-2020-1720
沒有留言:
張貼留言