Description
PostgreSQL before 9.5.x before 9.5.2 does not properly maintain row-security status in cached plans, which might allow attackers to bypass intended access restrictions by leveraging a session that performs queries as more than one role.
Remediation
References
Related Vulnerabilities
Undertow Insertion of Sensitive Information into Log File Vulnerability (CVE-2019-10212)
WordPress Plugin WP Mail SMTP by WPForms Cross-Site Scripting (1.3.3)
Oracle Application Server CVE-2009-1011 Vulnerability (CVE-2009-1011)
MySQL CVE-2019-2974 Vulnerability (CVE-2019-2974)
WordPress Plugin Simple Download Monitor Multiple Cross-Site Scripting Vulnerabilities (3.9.4)