Description
The (1) brin_page_type and (2) brin_metapage_info functions in the pageinspect extension in PostgreSQL before 9.5.x before 9.5.2 allows attackers to bypass intended access restrictions and consequently obtain sensitive server memory information or cause a denial of service (server crash) via a crafted bytea value in a BRIN index page.
Remediation
References
Related Vulnerabilities
WordPress Plugin MailChimp for WooCommerce Local File Inclusion (2.1.1)
WordPress Plugin Ultimate GDPR & CCPA Compliance Toolkit for WordPress Security Bypass (2.4)
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-16862)
WordPress Plugin post highlights Cross-Site Scripting (2.6)
WordPress Plugin Soundy Background Music Cross-Site Scripting (3.1)