CVE-2018-1058

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-1058

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1058.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-1058

Downstream

ALPINE-CVE-2018-1058

RHSA-2018:2511

RHSA-2018:2566

RHSA-2018:3816

SUSE-SU-2018:0755-1

SUSE-SU-2018:0756-1

SUSE-SU-2018:0876-1

UBUNTU-CVE-2018-1058

USN-3589-1

openSUSE-SU-2024:11184-1

Related

Published

2018-03-02T15:29:00Z

Modified

2025-10-22T16:31:20.746611Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected.

References

Affected packages

Git / git.postgresql.org/git/postgresql.git

Affected ranges

Type: GIT
Repo: https://git.postgresql.org/git/postgresql.git
Events: Introduced

da645b3a73580ac30cf02e932b42d06157b98229

Fixed

3652766ba932c7b7efdb2b29524898d881a94a33

Affected versions

Other

REL9_3_0

REL9_3_1

REL9_3_10

REL9_3_11

REL9_3_12

REL9_3_13

REL9_3_14

REL9_3_15

REL9_3_16

REL9_3_17

REL9_3_18

REL9_3_19

REL9_3_2

REL9_3_20

REL9_3_21

REL9_3_3

REL9_3_4

REL9_3_5

REL9_3_6

REL9_3_7

REL9_3_8

REL9_3_9