2ndquadrant

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Pglogical

pglogical

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-3515 12ndquadrant 1Pglogical Nov 21, 2024 Jun 1, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 A shell injection flaw was found in pglogical in versions before 2.3.4 and before 3.6.26. An attacker with CREATEDB privileges on a PostgreSQL server can craft a database name that allows execution of shell commands as t...Show more A shell injection flaw was found in pglogical in versions before 2.3.4 and before 3.6.26. An attacker with CREATEDB privileges on a PostgreSQL server can craft a database name that allows execution of shell commands as the postgresql user when calling pglogical.create_subscription().Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2021-3515

12ndquadrant

1Pglogical

Nov 21, 2024

Jun 1, 2021

N/A· v4

6.7 MEDIUM· v3

7.2 HIGH· v2

A shell injection flaw was found in pglogical in versions before 2.3.4 and before 3.6.26. An attacker with CREATEDB privileges on a PostgreSQL server can craft a database name that allows execution of shell commands as t...Show more