Total vulnerabilities in the database
Untrusted search path vulnerability in PostgreSQL before 7.3.19, 7.4.x before 7.4.17, 8.0.x before 8.0.13, 8.1.x before 8.1.9, and 8.2.x before 8.2.4 allows remote authenticated users, when permitted to call a SECURITY DEFINER function, to gain the privileges of the function owner, related to "search_path settings."
| Software | From | Fixed in |
|---|---|---|
| postgresql / postgresql | - | 7.3.19 |
| postgresql / postgresql | 7.4 | 7.4.17 |
| postgresql / postgresql | 8.0 | 8.0.13 |
| postgresql / postgresql | 8.1 | 8.1.9 |
| postgresql / postgresql | 8.2 | 8.2.4 |
| debian / debian_linux | 3.1 | 3.1.x |
| debian / debian_linux | 4.0 | 4.0.x |
| canonical / ubuntu_linux | 6.06 | 6.06.x |
| canonical / ubuntu_linux | 7.04 | 7.04.x |
| canonical / ubuntu_linux | 6.10 | 6.10.x |