CVE 2018-1058
A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected.
Related bugs and status
CVE-2018-1058 (Candidate) is related to these bugs:
Bug #1752271: New upstream microreleases 9.3.22, 9.5.12, 9.6.8 and 10.3
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1752271 | New upstream microreleases 9.3.22, 9.5.12, 9.6.8 and 10.3 | postgresql-9.6 (Ubuntu) | Undecided | Invalid | ||
1752271 | New upstream microreleases 9.3.22, 9.5.12, 9.6.8 and 10.3 | postgresql-10 (Ubuntu) | Undecided | Fix Released | ||
1752271 | New upstream microreleases 9.3.22, 9.5.12, 9.6.8 and 10.3 | postgresql-9.5 (Ubuntu) | Undecided | Invalid | ||
1752271 | New upstream microreleases 9.3.22, 9.5.12, 9.6.8 and 10.3 | postgresql-9.3 (Ubuntu) | Undecided | Invalid | ||
1752271 | New upstream microreleases 9.3.22, 9.5.12, 9.6.8 and 10.3 | postgresql-9.5 (Ubuntu Xenial) | Undecided | Fix Released | ||
1752271 | New upstream microreleases 9.3.22, 9.5.12, 9.6.8 and 10.3 | postgresql-10 (Ubuntu Bionic) | Undecided | Fix Released | ||
1752271 | New upstream microreleases 9.3.22, 9.5.12, 9.6.8 and 10.3 | postgresql-9.3 (Ubuntu Trusty) | Undecided | Fix Released | ||
1752271 | New upstream microreleases 9.3.22, 9.5.12, 9.6.8 and 10.3 | postgresql-9.6 (Ubuntu Artful) | Undecided | Fix Released |
Bug #1892335: New upstream microreleases 9.5.23 10.14 and 12.4
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1892335 | New upstream microreleases 9.5.23 10.14 and 12.4 | postgresql-12 (Ubuntu) | Undecided | Fix Released | ||
1892335 | New upstream microreleases 9.5.23 10.14 and 12.4 | postgresql-12 (Ubuntu Focal) | Undecided | Fix Released | ||
1892335 | New upstream microreleases 9.5.23 10.14 and 12.4 | postgresql-10 (Ubuntu Bionic) | Undecided | Fix Released | ||
1892335 | New upstream microreleases 9.5.23 10.14 and 12.4 | postgresql-9.5 (Ubuntu Xenial) | Undecided | Fix Released |
See the
CVE page on Mitre.org
for more details.