« List of all CVEs

CVE-2017-7486

Published: 5/12/2017 Last updated: 8/5/2024 Reserved: 4/5/2017

PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Opam packages affected (5)

conf-mingw-w64-postgresql-i686 conf-mingw-w64-postgresql-x86_64 conf-postgresql ocsigen-start postgresql

Products affected (1)

Product Vendor Version
PostgreSQL The PostgreSQL Global Development Group < 10.0.22000.2899

References (20)