Description

A flaw was found in postgresql. Using an UPDATE ... RETURNING command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality.

Remediation

References

CVE-2021-32029

Related Vulnerabilities

WordPress Plugin Uncanny Toolkit for LearnDash Cross-Site Request Forgery (3.6.4.1)

SharePoint Improper Privilege Management Vulnerability (CVE-2021-1719)

WordPress Plugin Geo Mashup Unspecified Vulnerability (1.10.3)

WordPress Plugin Use Any Font Unspecified Vulnerability (4.3.6)

WordPress Plugin WP Custom Fields Search Cross-Site Scripting (0.3.28)

Severity

Medium

Classification

CVE-2021-32029 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities