certfr_avis - CERTFR-2020-AVI-744

CERTFR-2020-AVI-744

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans PostgreSQL. Elles permettent à un attaquant de provoquer une exécution de code arbitraire et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
PostgreSQL	PostgreSQL	PostgreSQL versions 10.x antérieures à 10.15
PostgreSQL	PostgreSQL	PostgreSQL versions 12.x antérieures à 12.5
PostgreSQL	PostgreSQL	PostgreSQL versions 13.x antérieures à 13.1
PostgreSQL	PostgreSQL	PostgreSQL versions 9.5.x antérieures à 9.5.24
PostgreSQL	PostgreSQL	PostgreSQL versions 11.x antérieures à 11.10
PostgreSQL	PostgreSQL	PostgreSQL versions 9.6.x antérieures à 9.6.20

References

Title

Publication Time

Tags

Bulletin de sécurité PostgreSQL du 12 novembre 2020

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "PostgreSQL versions 10.x ant\u00e9rieures \u00e0 10.15",
      "product": {
        "name": "PostgreSQL",
        "vendor": {
          "name": "PostgreSQL",
          "scada": false
        }
      }
    },
    {
      "description": "PostgreSQL versions 12.x ant\u00e9rieures \u00e0 12.5",
      "product": {
        "name": "PostgreSQL",
        "vendor": {
          "name": "PostgreSQL",
          "scada": false
        }
      }
    },
    {
      "description": "PostgreSQL versions 13.x ant\u00e9rieures \u00e0 13.1",
      "product": {
        "name": "PostgreSQL",
        "vendor": {
          "name": "PostgreSQL",
          "scada": false
        }
      }
    },
    {
      "description": "PostgreSQL versions 9.5.x ant\u00e9rieures \u00e0 9.5.24",
      "product": {
        "name": "PostgreSQL",
        "vendor": {
          "name": "PostgreSQL",
          "scada": false
        }
      }
    },
    {
      "description": "PostgreSQL versions 11.x ant\u00e9rieures \u00e0 11.10",
      "product": {
        "name": "PostgreSQL",
        "vendor": {
          "name": "PostgreSQL",
          "scada": false
        }
      }
    },
    {
      "description": "PostgreSQL versions 9.6.x ant\u00e9rieures \u00e0 9.6.20",
      "product": {
        "name": "PostgreSQL",
        "vendor": {
          "name": "PostgreSQL",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-25694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25694"
    },
    {
      "name": "CVE-2020-25696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25696"
    },
    {
      "name": "CVE-2020-25695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25695"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-744",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-11-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans PostgreSQL. Elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\net un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans PostgreSQL",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 PostgreSQL du 12 novembre 2020",
      "url": "https://www.postgresql.org/about/news/postgresql-131-125-1110-1015-9620-and-9524-released-2111/"
    }
  ]
}

CVE-2020-25695 (GCVE-0-2020-25695)

Vulnerability from cvelistv5 – Published: 2020-11-16 00:40 – Updated: 2024-08-04 15:40

Summary

A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Severity ?

No CVSS data available.

CWE

CWE-89

Assigner

redhat

References

URL

Tags

	https://www.postgresql.org/support/security/	x_refsource_MISC
	https://bugzilla.redhat.com/show_bug.cgi?id=1894425	x_refsource_MISC
	https://security.netapp.com/advisory/ntap-2020120…	x_refsource_CONFIRM
	https://lists.debian.org/debian-lts-announce/2020…	mailing-listx_refsource_MLIST
	https://security.gentoo.org/glsa/202012-07	vendor-advisoryx_refsource_GENTOO

Impacted products

	Vendor	Product	Version
	n/a	postgresql	Affected: All PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:40:36.702Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.postgresql.org/support/security/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894425"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20201202-0003/"
          },
          {
            "name": "[debian-lts-announce] 20201202 [SECURITY] [DLA 2478-1] postgresql-9.6 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00005.html"
          },
          {
            "name": "GLSA-202012-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202012-07"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "postgresql",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "All PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-89",
              "description": "CWE-89",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-07T01:06:27",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.postgresql.org/support/security/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894425"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20201202-0003/"
        },
        {
          "name": "[debian-lts-announce] 20201202 [SECURITY] [DLA 2478-1] postgresql-9.6 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00005.html"
        },
        {
          "name": "GLSA-202012-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202012-07"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2020-25695",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "postgresql",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-89"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.postgresql.org/support/security/",
              "refsource": "MISC",
              "url": "https://www.postgresql.org/support/security/"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1894425",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894425"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20201202-0003/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20201202-0003/"
            },
            {
              "name": "[debian-lts-announce] 20201202 [SECURITY] [DLA 2478-1] postgresql-9.6 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00005.html"
            },
            {
              "name": "GLSA-202012-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202012-07"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-25695",
    "datePublished": "2020-11-16T00:40:36",
    "dateReserved": "2020-09-16T00:00:00",
    "dateUpdated": "2024-08-04T15:40:36.702Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-25694 (GCVE-0-2020-25694)

Vulnerability from cvelistv5 – Published: 2020-11-16 00:38 – Updated: 2024-08-04 15:40

Summary

A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters, an opportunity for a man-in-the-middle attack, or the ability to observe clear-text transmissions, could exist. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Severity ?

No CVSS data available.

CWE

CWE-327

Assigner

redhat

References

URL

Tags

	https://bugzilla.redhat.com/show_bug.cgi?id=1894423	x_refsource_MISC
	https://www.postgresql.org/support/security/	x_refsource_MISC
	https://lists.debian.org/debian-lts-announce/2020…	mailing-listx_refsource_MLIST
	https://security.netapp.com/advisory/ntap-2020120…	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/202012-07	vendor-advisoryx_refsource_GENTOO

Impacted products

	Vendor	Product	Version
	n/a	postgresql	Affected: All PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:40:36.685Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894423"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.postgresql.org/support/security/"
          },
          {
            "name": "[debian-lts-announce] 20201202 [SECURITY] [DLA 2478-1] postgresql-9.6 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00005.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20201202-0003/"
          },
          {
            "name": "GLSA-202012-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202012-07"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "postgresql",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "All PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters, an opportunity for a man-in-the-middle attack, or the ability to observe clear-text transmissions, could exist. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-327",
              "description": "CWE-327",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-07T01:06:26",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894423"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.postgresql.org/support/security/"
        },
        {
          "name": "[debian-lts-announce] 20201202 [SECURITY] [DLA 2478-1] postgresql-9.6 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00005.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20201202-0003/"
        },
        {
          "name": "GLSA-202012-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202012-07"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2020-25694",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "postgresql",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters, an opportunity for a man-in-the-middle attack, or the ability to observe clear-text transmissions, could exist. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-327"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1894423",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894423"
            },
            {
              "name": "https://www.postgresql.org/support/security/",
              "refsource": "MISC",
              "url": "https://www.postgresql.org/support/security/"
            },
            {
              "name": "[debian-lts-announce] 20201202 [SECURITY] [DLA 2478-1] postgresql-9.6 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00005.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20201202-0003/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20201202-0003/"
            },
            {
              "name": "GLSA-202012-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202012-07"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-25694",
    "datePublished": "2020-11-16T00:38:53",
    "dateReserved": "2020-09-16T00:00:00",
    "dateUpdated": "2024-08-04T15:40:36.685Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-25696 (GCVE-0-2020-25696)

Vulnerability from cvelistv5 – Published: 2020-11-23 21:15 – Updated: 2024-08-04 15:40

Summary

A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If an interactive psql session uses \gset when querying a compromised server, the attacker can execute arbitrary code as the operating system account running psql. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Severity ?

No CVSS data available.

CWE

CWE-183 - >CWE-270

Assigner

redhat

References

URL

Tags

	https://bugzilla.redhat.com/show_bug.cgi?id=1894430	x_refsource_MISC
	https://www.postgresql.org/about/news/postgresql-…	x_refsource_MISC
	https://lists.debian.org/debian-lts-announce/2020…	mailing-listx_refsource_MLIST
	https://security.gentoo.org/glsa/202012-07	vendor-advisoryx_refsource_GENTOO

Impacted products

	Vendor	Product	Version
	n/a	PostgreSQL	Affected: All PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:40:36.672Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894430"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.postgresql.org/about/news/postgresql-131-125-1110-1015-9620-and-9524-released-2111/"
          },
          {
            "name": "[debian-lts-announce] 20201202 [SECURITY] [DLA 2478-1] postgresql-9.6 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00005.html"
          },
          {
            "name": "GLSA-202012-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202012-07"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PostgreSQL",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "All PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If an interactive psql session uses \\gset when querying a compromised server, the attacker can execute arbitrary code as the operating system account running psql. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-183",
              "description": "CWE-183-\u003eCWE-270",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-07T01:06:25",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894430"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.postgresql.org/about/news/postgresql-131-125-1110-1015-9620-and-9524-released-2111/"
        },
        {
          "name": "[debian-lts-announce] 20201202 [SECURITY] [DLA 2478-1] postgresql-9.6 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00005.html"
        },
        {
          "name": "GLSA-202012-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202012-07"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2020-25696",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PostgreSQL",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If an interactive psql session uses \\gset when querying a compromised server, the attacker can execute arbitrary code as the operating system account running psql. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-183-\u003eCWE-270"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1894430",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894430"
            },
            {
              "name": "https://www.postgresql.org/about/news/postgresql-131-125-1110-1015-9620-and-9524-released-2111/",
              "refsource": "MISC",
              "url": "https://www.postgresql.org/about/news/postgresql-131-125-1110-1015-9620-and-9524-released-2111/"
            },
            {
              "name": "[debian-lts-announce] 20201202 [SECURITY] [DLA 2478-1] postgresql-9.6 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00005.html"
            },
            {
              "name": "GLSA-202012-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202012-07"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-25696",
    "datePublished": "2020-11-23T21:15:47",
    "dateReserved": "2020-09-16T00:00:00",
    "dateUpdated": "2024-08-04T15:40:36.672Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CERTFR-2020-AVI-744

Solution

CVE-2020-25695 (GCVE-0-2020-25695)

CVE-2020-25694 (GCVE-0-2020-25694)

CVE-2020-25696 (GCVE-0-2020-25696)

Tags

Sightings

Nomenclature