Metrics
Affected Vendors & Products
Tue, 29 Oct 2024 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Els
|
|
CPEs | cpe:/o:redhat:rhel_els:7 | |
Vendors & Products |
Redhat rhel Els
|
Wed, 11 Sep 2024 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:rhel_aus:8.6 cpe:/a:redhat:rhel_e4s:8.6 cpe:/a:redhat:rhel_tus:8.6 |
Fri, 06 Sep 2024 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Aus
Redhat rhel E4s Redhat rhel Eus Redhat rhel Tus |
|
CPEs | cpe:/a:redhat:rhel_aus:8.2 cpe:/a:redhat:rhel_aus:8.4 cpe:/a:redhat:rhel_e4s:8.4 cpe:/a:redhat:rhel_e4s:9.0 cpe:/a:redhat:rhel_eus:8.8 cpe:/a:redhat:rhel_eus:9.2 cpe:/a:redhat:rhel_tus:8.4 |
|
Vendors & Products |
Redhat rhel Aus
Redhat rhel E4s Redhat rhel Eus Redhat rhel Tus |
Wed, 28 Aug 2024 22:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:enterprise_linux:8 |
Wed, 28 Aug 2024 19:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat
Redhat enterprise Linux |
|
CPEs | cpe:/a:redhat:enterprise_linux:9 | |
Vendors & Products |
Redhat
Redhat enterprise Linux |
Fri, 23 Aug 2024 08:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Tue, 13 Aug 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
ssvc
|
Fri, 09 Aug 2024 19:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Postgresql
Postgresql postgresql |
|
CPEs | cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:* | |
Vendors & Products |
Postgresql
Postgresql postgresql |
|
Metrics |
ssvc
|
Fri, 09 Aug 2024 05:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
threat_severity
|
Thu, 08 Aug 2024 13:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected. | |
Title | PostgreSQL relation replacement during pg_dump executes arbitrary SQL | |
Weaknesses | CWE-367 | |
References |
| |
Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: PostgreSQL
Published: 2024-08-08T13:00:02.130Z
Updated: 2024-08-22T18:03:18.699Z
Reserved: 2024-07-31T18:33:23.341Z
Link: CVE-2024-7348
Updated: 2024-08-22T18:03:18.699Z
Status : Modified
Published: 2024-08-08T13:15:14.007
Modified: 2024-11-21T09:51:20.720
Link: CVE-2024-7348