Memory Disclosure Vulnerability in PostgreSQL by PostgreSQL Global Development Group
CVE-2018-1052
6.5MEDIUM
Key Information:
- Status
- Vendor
- CVE Published:
- 9 February 2018
What is CVE-2018-1052?
A memory disclosure vulnerability was discovered in PostgreSQL that affects versions 10.x prior to 10.2. This flaw allows authenticated attackers to exploit the system by inserting carefully crafted data into a partitioned table. As a result, they can reveal sensitive bytes from the server's memory, potentially exposing confidential information stored in the database. It is crucial for users of affected versions to upgrade to at least 10.2 to mitigate this security risk.
Affected Version(s)
postgresql 10.x before 10.2