
CVE-2023-39417

PostgreSQL: extension script @substitutions@ within quoting allow SQL injection

Published: 8/11/2023 Last updated: 7/9/2025 Reserved: 8/1/2023

A SQL injection vulnerability was found in PostgreSQL extension scripts that use @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed the files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Metrics

Version  Score  Severity  Vector String
3.1      7.5    High      CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Opam packages affected (5)

conf-mingw-w64-postgresql-i686
conf-mingw-w64-postgresql-x86_64
conf-postgresql
ocsigen-start
postgresql

Products affected (84)

Product Vendor Version
RHACS-4.1-RHEL-8 Red Hat <= *
RHACS-3.74-RHEL-8 Red Hat n/a
RHACS-3.74-RHEL-8 Red Hat 6.8
Red Hat Advanced Cluster Security 4.2 Red Hat All versions < V2023 MP1
RHACS-4.1-RHEL-8 Red Hat < publication
Red Hat Advanced Cluster Security 4.2 Red Hat 7.0
Red Hat Advanced Cluster Security 4.2 Red Hat <master.1808.p685.q13371
RHACS-3.74-RHEL-8 Red Hat n/a
RHACS-3.74-RHEL-8 Red Hat n/a
RHACS-4.1-RHEL-8 Red Hat n/a
RHACS-4.1-RHEL-8 Red Hat <= 6.1.*
Red Hat Advanced Cluster Security 4.2 Red Hat < 9
RHACS-3.74-RHEL-8 Red Hat < 6.8
RHACS-4.1-RHEL-8 Red Hat <= 6.6.*
RHACS-3.74-RHEL-8 Red Hat < publication
Red Hat Advanced Cluster Security 4.2 Red Hat <= 6.12.*
Red Hat Advanced Cluster Security 4.2 Red Hat n/a
RHACS-4.1-RHEL-8 Red Hat n/a
RHACS-4.1-RHEL-8 Red Hat <= 6.10.*
RHACS-4.1-RHEL-8 Red Hat <= 2.12
RHACS-3.74-RHEL-8 Red Hat <= 6.10.*
RHACS-3.74-RHEL-8 Red Hat QAM8255P
Red Hat Advanced Cluster Security 4.2 Red Hat 8.0
Red Hat Advanced Cluster Security 4.2 Red Hat < unspecified
RHACS-4.1-RHEL-8 Red Hat < 19.4R3-S10
RHACS-3.74-RHEL-8 Red Hat QAM8775P
RHACS-4.1-RHEL-8 Red Hat QCA6436
RHACS-3.74-RHEL-8 Red Hat < 10.0.10240.19086
Red Hat Advanced Cluster Security 4.2 Red Hat 8.5
Red Hat Advanced Cluster Security 4.2 Red Hat 4.27.1
Red Hat Enterprise Linux 9 Red Hat n/a
Red Hat Enterprise Linux 9 Red Hat < 081ff4c0ef1884ae55f7adb8944efd22e22d8724
Red Hat Enterprise Linux 9.0 Extended Update Support Red Hat < 10.0.22000.258
Red Hat Enterprise Linux 9.2 Extended Update Support Red Hat < c96140000915b610d86f941450e15ca552de154a
Red Hat Enterprise Linux 6 Red Hat < 10.0.14393.4704
Red Hat Enterprise Linux 7 Red Hat < 20.1*
Red Hat Enterprise Linux 9.0 Extended Update Support Red Hat FreeBSD 12.0 before 12.0-RELEASE-p7 and 11.2 before 11.2-RELEASE-p11
Red Hat Enterprise Linux 9.2 Extended Update Support Red Hat < 4.3.13
Red Hat Enterprise Linux 6 Red Hat <= *
Red Hat Enterprise Linux 7 Red Hat QCA6554A
Red Hat Enterprise Linux 8 Red Hat < 60
Red Hat Enterprise Linux 8 Red Hat n/a
Red Hat Enterprise Linux 8.2 Telecommunications Update Service Red Hat Immersive Home 318 Platform
Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat unspecified
Red Hat Enterprise Linux 8.6 Extended Update Support Red Hat n/a
Red Hat Enterprise Linux 8 Red Hat < unspecified
Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat n/a
Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Immersive Home 326 Platform
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat < f5a670421954fc7130c3685b713c621b29516669
Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat 3.30.12
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat firmware versions V01L001 to V01L004
Red Hat Enterprise Linux 8.6 Extended Update Support Red Hat IPQ8072A
Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat firmware versions V01L001 to V02L061
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat before 24.1.2
Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat n/a
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat >= 20.5.0, < 23.1.0
Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat 12.2.3-12.2.9
Red Hat Enterprise Linux 8.2 Telecommunications Update Service Red Hat <= 1.3
Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat 9.0
Red Hat Enterprise Linux 8.6 Extended Update Support Red Hat firmware versions V01L001 to V02L061
Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat IPQ8074A
Red Hat Enterprise Linux 8.6 Extended Update Support Red Hat < 10.0.19042.1288
Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat n/a
Red Hat Enterprise Linux 8 Red Hat < unspecified
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat n/a
Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat n/a
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat < publication
Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat Java SE: 11.0.8
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat < 6.2.12
Red Hat Enterprise Linux 8 Red Hat 12.1.1-12.1.3
Red Hat Enterprise Linux 9 Red Hat < 17.9.6
Red Hat Enterprise Linux 9.2 Extended Update Support Red Hat < 5.5.1
Red Hat Enterprise Linux 8 Red Hat < 10.0.19041.1288
Red Hat Enterprise Linux 8 Red Hat < publication
Red Hat Enterprise Linux 9.2 Extended Update Support Red Hat < publication
Red Hat Enterprise Linux 9 Red Hat Advanced Outbound Telephony 12.1.1;12.1.2;12.1.3;12.2.3;12.2.4;12.2.5;12.2.6
Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat IPQ8076A
Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat n/a
Red Hat Software Collections Red Hat < 20.2R3-S6
Red Hat Software Collections Red Hat various
Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat < unspecified
Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat < 584cd3ff792e1edbea20b2a7df55897159b0be3e
Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat < 1.3.2
Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat IPQ9554

References (104)