PostgreSQL prior to 9.5.x prior to 9.5.2 does not properly maintain row-security status in cached plans, which might allow malicious users to bypass intended access restrictions by leveraging a session that performs queries as more than one role.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
postgresql postgresql 9.5.1 |
||
postgresql postgresql 9.5 |