CVE-2023-2454

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-2454

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-2454.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-2454

Aliases

BIT-postgresql-2023-2454

Downstream

ALPINE-CVE-2023-2454

DEBIAN-CVE-2023-2454

DLA-3422-1

DSA-5401-1

OESA-2023-1567

OESA-2023-1568

OESA-2023-1569

RHSA-2023:3714

RHSA-2023:4313

RHSA-2023:4327

RHSA-2023:4527

RHSA-2023:4535

RHSA-2023:4539

RHSA-2023:5269

RHSA-2023:7545

RHSA-2023:7580

RHSA-2023:7666

RHSA-2023:7667

RHSA-2023:7694

RHSA-2023:7695

RHSA-2023:7772

RLSA-2023:4327

SUSE-SU-2023:2198-1

SUSE-SU-2023:2199-1

SUSE-SU-2023:2200-1

SUSE-SU-2023:2201-1

SUSE-SU-2023:2202-1

SUSE-SU-2023:2205-1

SUSE-SU-2023:2206-1

SUSE-SU-2023:2207-1

SUSE-SU-2023:2219-1

UBUNTU-CVE-2023-2454

USN-6104-1

USN-6230-1

openSUSE-SU-2024:12929-1

openSUSE-SU-2024:12930-1

openSUSE-SU-2024:12931-1

openSUSE-SU-2024:12932-1

openSUSE-SU-2024:12933-1

openSUSE-SU-2024:14360-1

Related

Published

2023-06-09T19:15:09Z

Modified

2025-01-06T18:15:13Z

Severity

7.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

schemaelement defeats protective searchpath changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code.

References

Affected packages