VDB
GCVE-110-MAGEIA-2017-230
GCVE-110-MAGEIA-2017-230
Advisory Published
Robert Haas discovered that some selectivity estimators did not validate user
privileges which could result in information disclosure (CVE-2017-7484).
Daniel Gustafsson discovered that the PGREQUIRESSL environment variable did no
longer enforce a TLS connection (CVE-2017-7485).
Andrew Wheelwright discovered that user mappings were insufficiently restricted
(CVE-2017-7486).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | postgresql9.3 | 0 (affected), 9.3.17-1.mga5 (unaffected) | — |
| Mageia | postgresql9.4 | 9.4.12-1.mga5 (unaffected), 0 (affected) | — |
References
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.