VDB
BIT-postgresql-2023-39418
BIT-postgresql-2023-39418
PUBLISHED
CVSS 4.300000190734863 MEDIUM
Postgresql: merge fails to enforce update or select row security policies
Risk Scores
CVSS 3.1
4.300000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | postgresql | 15.0.0, 15.0.0, 15.0.0 |
Timeline
- Mar 6, 2024 CVE Published
- May 20, 2025 CVE Updated
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Distribution Patch
References
- https://access.redhat.com/errata/RHSA-2023:7785 url
- https://access.redhat.com/errata/RHSA-2023:7883 url
- https://access.redhat.com/errata/RHSA-2023:7884 url
- https://access.redhat.com/errata/RHSA-2023:7885 url
- https://access.redhat.com/security/cve/CVE-2023-39418 url
- https://bugzilla.redhat.com/show_bug.cgi?id=2228112 url
- https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=cb2ae5741f2458a474ed3c31458d242e678ff229 url
- https://security.netapp.com/advisory/ntap-20230915-0002/ url
- https://www.debian.org/security/2023/dsa-5553 url
- https://www.postgresql.org/support/security/CVE-2023-39418/ url
- https://nvd.nist.gov/vuln/detail/CVE-2023-39418 url