Description
A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploit prerequisites are the same as for CVE-2018-1052).
Remediation
References
Related Vulnerabilities
Drupal Other Vulnerability (CVE-2022-25275)
WordPress Plugin s2member Secure File Browser Cross-Site Scripting (0.4.16)
WordPress Plugin GiveWP-Donation and Fundraising Platform SQL Injection (2.24.0)
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.35)
ownCloud Exposure of Resource to Wrong Sphere Vulnerability (CVE-2022-31649)