Alpaquita LinuxStreamSecurity Advisory
Search Cve

CVE-2021-20229

Published: August 31, 2023Last modified: August 31, 2023

Description

A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privilege on one column to craft a special query that returns all columns of the table. The highest threat from this vulnerability is to confidentiality.

Severity score breakdown

ParameterValue
Base score4.3
Attack VectorNETWORK
Attack complexityLOW
Privileges requiredLOW
User interactionNONE
ScopeUNCHANGED
ConfidentialityLOW
Integrity impactNONE
Availability impactNONE
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Status

ProductReleasePackageStatus
Alpaquita Linux23 LTSpostgresql15Not affected (15.4-r0)
Streampostgresql15Not affected (15.4-r0)

References

ON THIS PAGE