CVE-2019-10129

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-10129

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-10129.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-10129

Downstream

ALPINE-CVE-2019-10129

openSUSE-SU-2024:11185-1

Related

Published

2019-07-30T17:15:12Z

Modified

2025-11-19T07:57:25.853236Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploit prerequisites are the same as for CVE-2018-1052).

References

Affected packages

Git / git.postgresql.org/git/postgresql.git

Affected ranges

Type: GIT
Repo: https://git.postgresql.org/git/postgresql.git
Events: Introduced

19f20081df059fef87e14c8e953669bd173dd7f1

Fixed

0616aed243b23e68b5c06ceb3df3e4ec35e731b7

Affected versions

Other

REL_11_0

REL_11_1

REL_11_2