9
CVE-2016-0766
- EPSS 0.97%
- Published 17.02.2016 15:59:01
- Last modified 12.04.2025 10:46:40
- Source secalert@redhat.com
- Teams watchlist Login
- Open Login
PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors.
Data is provided by the National Vulnerability Database (NVD)
Postgresql ≫ Postgresql Version >= 9.1.0 < 9.1.20
Postgresql ≫ Postgresql Version >= 9.2 < 9.2.15
Postgresql ≫ Postgresql Version >= 9.3 < 9.3.11
Postgresql ≫ Postgresql Version >= 9.4 < 9.4.6
Postgresql ≫ Postgresql Version9.5
Canonical ≫ Ubuntu Linux Version12.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version14.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version15.10
Debian ≫ Debian Linux Version7.0
Debian ≫ Debian Linux Version8.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.97% | 0.757 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 9 | 8 | 10 |
AV:N/AC:L/Au:S/C:C/I:C/A:C
|