CVE-2021-20229
Description
A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privilege on one column to craft a special query that returns all columns of the table. The highest threat from this vulnerability is to confidentiality.
Risk Information
Base Score
4.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
0.086
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2021-20229 Announcement,CVE-2021-3393 Announcement are fixed in Postgresql 13.2 | Windows |
| Vulnerabilities CVE-2021-20229,CVE-2021-3393 are fixed in PostgreSQL 13.2 | Windows |
| SUSE-SU-2021:0545-1(SUSE Linux Enterprise Server 12-SP5 ) libecpg6-13.2-3.6.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0545-1(SUSE Linux Enterprise Server 12-SP5 ) libecpg6-debuginfo-13.2-3.6.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0545-1(SUSE Linux Enterprise Server 12-SP5 ) libpq5-13.2-3.6.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0545-1(SUSE Linux Enterprise Server 12-SP5 ) libpq5-32bit-13.2-3.6.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0545-1(SUSE Linux Enterprise Server 12-SP5 ) libpq5-debuginfo-13.2-3.6.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0545-1(SUSE Linux Enterprise Server 12-SP5 ) libpq5-debuginfo-32bit-13.2-3.6.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0545-1(SUSE Linux Enterprise Server 12-SP5 ) postgresql13-13.2-3.6.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0545-1(SUSE Linux Enterprise Server 12-SP5 ) postgresql13-contrib-13.2-3.6.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0545-1(SUSE Linux Enterprise Server 12-SP5 ) postgresql13-contrib-debuginfo-13.2-3.6.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0545-1(SUSE Linux Enterprise Server 12-SP5 ) postgresql13-debuginfo-13.2-3.6.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0545-1(SUSE Linux Enterprise Server 12-SP5 ) postgresql13-debugsource-13.2-3.6.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0545-1(SUSE Linux Enterprise Server 12-SP5 ) postgresql13-docs-13.2-3.6.1.noarch.rpm | Linux |
| SUSE-SU-2021:0545-1(SUSE Linux Enterprise Server 12-SP5 ) postgresql13-plperl-13.2-3.6.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0545-1(SUSE Linux Enterprise Server 12-SP5 ) postgresql13-plperl-debuginfo-13.2-3.6.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0545-1(SUSE Linux Enterprise Server 12-SP5 ) postgresql13-plpython-13.2-3.6.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0545-1(SUSE Linux Enterprise Server 12-SP5 ) postgresql13-plpython-debuginfo-13.2-3.6.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0545-1(SUSE Linux Enterprise Server 12-SP5 ) postgresql13-pltcl-13.2-3.6.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0545-1(SUSE Linux Enterprise Server 12-SP5 ) postgresql13-pltcl-debuginfo-13.2-3.6.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0545-1(SUSE Linux Enterprise Server 12-SP5 ) postgresql13-server-13.2-3.6.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0545-1(SUSE Linux Enterprise Server 12-SP5 ) postgresql13-server-debuginfo-13.2-3.6.1.x86_64.rpm | Linux |
| Vulnerabilities CVE-2021-20229 Announcement,CVE-2021-3393 Announcement are fixed in Postgresql 13.2 (For Linux) | Linux |
| Vulnerabilities CVE-2021-20229,CVE-2021-3393 are fixed in PostgreSQL 13.2 (For Linux) | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234