All versions of EnterpriseDB Postgres Advanced Server (EPAS) from 15.0 prior to 15.7.0 and from 16.0 prior to 16.3.0 may allow users using edbldr to bypass role permissions from pg_read_server_files. This could allow low privilege users to read files to which they would not otherwise have access.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: EDB

Published: 2024-05-09T18:12:18.399Z

Updated: 2024-08-01T20:47:40.854Z

Reserved: 2024-05-06T13:09:28.537Z

Link: CVE-2024-4545

cve-icon Vulnrichment

Updated: 2024-08-01T20:47:40.854Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-05-14T15:44:02.793

Modified: 2024-11-21T09:43:04.590

Link: CVE-2024-4545

cve-icon Redhat

No data.