Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2021-32028 - Vulnerability Database
PostgreSQL

PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2021-32028

Medium
Reference: CVE-2021-32028
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-32028
Title: PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality.