All the vulnerabilities related to IVM Development Group - pg_ivm
cve-2023-23554
Vulnerability from cvelistv5
Published: 2023-03-07 00:00
Modified: 2024-08-02 10:35
Summary
Uncontrolled search path element vulnerability exists in pg_ivm versions prior to 1.5.1. When refreshing an IMMV, pg_ivm executes functions without specifying schema names. Under certain conditions, pg_ivm may be tricked to execute unexpected functions from other schemas with the IMMV owner's privilege. If this vulnerability is exploited, an unexpected function provided by an attacker may be executed with the privilege of the materialized view owner.
Impacted products
| Vendor | Product |
|---|---|
| IVM Development Group | pg_ivm |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T10:35:33.199Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/sraoss/pg_ivm" }, { "tags": [ "x_transferred" ], "url": "https://github.com/sraoss/pg_ivm/releases/tag/v1.5.1" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/jp/JVN19872280/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "pg_ivm", "vendor": "IVM Development Group", "versions": [ { "status": "affected", "version": "versions prior to 1.5.1" } ] } ], "descriptions": [ { "lang": "en", "value": "Uncontrolled search path element vulnerability exists in pg_ivm versions prior to 1.5.1. When refreshing an IMMV, pg_ivm executes functions without specifying schema names. Under certain conditions, pg_ivm may be tricked to execute unexpected functions from other schemas with the IMMV owner\u0027s privilege. If this vulnerability is exploited, an unexpected function provided by an attacker may be executed with the privilege of the materialized view owner." } ], "problemTypes": [ { "descriptions": [ { "description": "Uncontrolled search path element", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-07T00:00:00", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert" }, "references": [ { "url": "https://github.com/sraoss/pg_ivm" }, { "url": "https://github.com/sraoss/pg_ivm/releases/tag/v1.5.1" }, { "url": "https://jvn.jp/en/jp/JVN19872280/" } ] } }, "cveMetadata": { "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2023-23554", "datePublished": "2023-03-07T00:00:00", "dateReserved": "2023-02-28T00:00:00", "dateUpdated": "2024-08-02T10:35:33.199Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-22847
Vulnerability from cvelistv5
Published: 2023-03-07 00:00
Modified: 2024-08-02 10:20
Summary
Information disclosure vulnerability exists in pg_ivm versions prior to 1.5.1. An Incrementally Maintainable Materialized View (IMMV) created by pg_ivm may reflect rows with Row-Level Security that the owner of the IMMV should not have access to. As a result, information in tables protected by Row-Level Security may be retrieved by a user who is not authorized to access it.
Impacted products
| Vendor | Product |
|---|---|
| IVM Development Group | pg_ivm |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T10:20:31.077Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/sraoss/pg_ivm" }, { "tags": [ "x_transferred" ], "url": "https://github.com/sraoss/pg_ivm/releases/tag/v1.5.1" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/jp/JVN19872280/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "pg_ivm", "vendor": "IVM Development Group", "versions": [ { "status": "affected", "version": "versions prior to 1.5.1" } ] } ], "descriptions": [ { "lang": "en", "value": "Information disclosure vulnerability exists in pg_ivm versions prior to 1.5.1. An Incrementally Maintainable Materialized View (IMMV) created by pg_ivm may reflect rows with Row-Level Security that the owner of the IMMV should not have access to. As a result, information in tables protected by Row-Level Security may be retrieved by a user who is not authorized to access it." } ], "problemTypes": [ { "descriptions": [ { "description": "Exposure of sensitive information to an unauthorized actor", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-07T00:00:00", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert" }, "references": [ { "url": "https://github.com/sraoss/pg_ivm" }, { "url": "https://github.com/sraoss/pg_ivm/releases/tag/v1.5.1" }, { "url": "https://jvn.jp/en/jp/JVN19872280/" } ] } }, "cveMetadata": { "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2023-22847", "datePublished": "2023-03-07T00:00:00", "dateReserved": "2023-02-28T00:00:00", "dateUpdated": "2024-08-02T10:20:31.077Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
jvndb-2023-000023
Vulnerability from jvndb
Published: 2023-03-06 15:22
Modified: 2024-06-10 16:41
Summary
Multiple vulnerabilities in PostgreSQL extension module pg_ivm
Details
pg_ivm provided by IVM Development Group is a PostgreSQL extension module that provides incremental view maintenance functionality of materialized views. pg_ivm contains multiple vulnerabilities listed below.
- Exposure of sensitive information to an unauthorized actor (CWE-200) - CVE-2023-22847: An Incrementally Maintainable Materialized View (IMMV) created by pg_ivm may reflect rows with Row-Level Security that the owner of the IMMV should not have access to.
- Uncontrolled search path element (CWE-427) - CVE-2023-23554: When refreshing an IMMV, pg_ivm executes functions without specifying schema names. Under certain conditions, pg_ivm may be tricked to execute unexpected functions from other schemas with the IMMV owner's privilege.
IVM Development Group reported these vulnerabilities to IPA to notify users of its solution through JVN. JPCERT/CC and IVM Development Group coordinated under the Information Security Early Warning Partnership.
References
| Type | URL |
|---|---|
| JVN | http://jvn.jp/en/jp/JVN19872280/index.html |
| CVE | https://www.cve.org/CVERecord?id=CVE-2023-22847 |
| CVE | https://www.cve.org/CVERecord?id=CVE-2023-23554 |
| NVD | https://nvd.nist.gov/vuln/detail/CVE-2023-22847 |
| NVD | https://nvd.nist.gov/vuln/detail/CVE-2023-23554 |
| Information Exposure(CWE-200) | https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html |
| No Mapping(CWE-Other) | https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html |
Impacted products
| Vendor | Product |
|---|---|
| IVM Development Group | pg_ivm |
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000023.html", "dc:date": "2024-06-10T16:41+09:00", "dcterms:issued": "2023-03-06T15:22+09:00", "dcterms:modified": "2024-06-10T16:41+09:00", "description": "pg_ivm provided by IVM Development Group is a PostgreSQL extension module that provides incremental view maintenance functionality of materialized views. pg_ivm contains multiple vulnerabilities listed below.\r\n\u003cul\u003e\u003cli\u003eExposure of sensitive information to an unauthorized actor (CWE-200) - CVE-2023-22847\r\nAn Incrementally Maintainable Materialized View (IMMV) created by pg_ivm may reflect rows with Row-Level Security that the owner of the IMMV should not have access to.\u003c/ul\u003e\r\n\u003cul\u003e\u003cli\u003eUncontrolled search path element (CWE-427) - CVE-2023-23554\r\nWhen refreshing an IMMV, pg_ivm executes functions without specifying schema names. Under certain conditions, pg_ivm may be tricked to execute unexpected functions from other schemas with the IMMV owner\u0027s privilege.\u003c/ul\u003e\r\n\r\nIVM Development Group reported these vulnerabilities to IPA to notify users of its solution through JVN. 
JPCERT/CC and IVM Development Group coordinated under the Information Security Early Warning Partnership.", "link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000023.html", "sec:cpe": { "#text": "cpe:/a:sraoss:pg_ivm", "@product": "pg_ivm", "@vendor": "IVM Development Group", "@version": "2.2" }, "sec:cvss": [ { "@score": "5.5", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "@version": "2.0" }, { "@score": "5.4", "@severity": "Medium", "@type": "Base", "@vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "@version": "3.0" } ], "sec:identifier": "JVNDB-2023-000023", "sec:references": [ { "#text": "http://jvn.jp/en/jp/JVN19872280/index.html", "@id": "JVN#19872280", "@source": "JVN" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-22847", "@id": "CVE-2023-22847", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-23554", "@id": "CVE-2023-23554", "@source": "CVE" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-22847", "@id": "CVE-2023-22847", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-23554", "@id": "CVE-2023-23554", "@source": "NVD" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-200", "@title": "Information Exposure(CWE-200)" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-Other", "@title": "No Mapping(CWE-Other)" } ], "title": "Multiple vulnerabilities in PostgreSQL extension module pg_ivm" }