説明
All versions of EnterpriseDB Postgres Advanced Server (EPAS) from 15.0 prior to 15.7.0 and from 16.0 prior to 16.3.0 may allow users using edbldr to bypass role permissions from pg_read_server_files. This could allow low privilege users to read files to which they would not otherwise have access.
AI分析AIによる分析
参照
- https://www.enterprisedb.com/docs/epas/15/epas_rel_notes/
- https://www.enterprisedb.com/docs/epas/latest/epas_rel_notes/
- https://www.enterprisedb.com/docs/security/advisories/cve20244545/
- https://www.enterprisedb.com/docs/epas/15/epas_rel_notes/
- https://www.enterprisedb.com/docs/epas/latest/epas_rel_notes/
- https://www.enterprisedb.com/docs/security/advisories/cve20244545/