An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS) before 11.21.32, 12.x before 12.16.20, 13.x before 13.12.16, 14.x before 14.9.0, and 15.x before 15.4.0. When using UTL_ENCODE, an authenticated user can read any large object, regardless of that user's permissions.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-12-12T00:00:00

Updated: 2024-08-28T17:12:52.165Z

Reserved: 2023-08-23T00:00:00

Link: CVE-2023-41115

cve-icon Vulnrichment

Updated: 2024-08-02T18:54:03.714Z

cve-icon NVD

Status : Modified

Published: 2023-12-12T07:15:43.780

Modified: 2024-11-21T08:20:37.260

Link: CVE-2023-41115

cve-icon Redhat

No data.