An issue exists in EnterpriseDB Postgres Advanced Server (EPAS) prior to 11.21.32, 12.x prior to 12.16.20, 13.x prior to 13.12.16, 14.x prior to 14.9.0, and 15.x prior to 15.4.0. When using UTL_ENCODE, an authenticated user can read any large object, regardless of that user's permissions.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
enterprisedb postgres advanced server |