CVE-2023-41115 Information

Dec 14, 2023 cve

Description

An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS) before 11.21.32 12.x before 12.16.20 13.x before 13.12.16 14.x before 14.9.0 and 15.x before 15.4.0. When using UTL_ENCODE an authenticated user can read any large object regardless of that user’s permissions.

Reference

https://www.enterprisedb.com/docs/security/advisories/cve202341115/

Share on: