Security Advisory

PostgreSQL Vulnerability Security Update Advisory (CVE-2024-7348)

  • Aug 09 2024

Overview

 

PostgreSQL(https://www.postgresql.org/) has released a security update that fixes vulnerabilities in its shipped products. Users of affected products are advised to update to the latest version.

 

Affected Products

 

PostgreSQL 16

PostgreSQL 15

PostgreSQL 14

PostgreSQL 13

PostgreSQL 12

 

Resolved Vulnerabilities

 

Arbitrary SQL Execution Vulnerability in PostgreSQL (CVE-2024-7348, CVSS 8.8) [1]

 

Vulnerability Patches

 

Please follow the security advisory published on August 08, 2018 and update to the latest version.

PostgreSQL 16.4

PostgreSQL 15.8

PostgreSQL 14.13

PostgreSQL 13.16

PostgreSQL 12.20

 

Referenced Sites

 

[1] CVE-2024-7348 : PostgreSQL relation replacement during pg_dump executes arbitrary SQL

https://www.postgresql.org/support/security/CVE-2024-7348/

Tags:

Previous Post

Next Post