Approved changes feed: RSS · Atom

cpe:2.3:a:enterprisedb:edb_postgres_advanced_server:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorEnterprisedb (788c5be5-c3bc-5186-8634-02d14556d9dc)
ProductEdb Postgres Advanced Server (2871c1f1-819d-52e4-913e-b44e93ffb3ee)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2024-4545 vulnerable 2026-06-08 06:50:18.083253 EDB Postgres Advanced Server (EPAS) authenticated file read permissions bypass using edbldr
HIGH (7.7)
All versions of EnterpriseDB Postgres Advanced Server (EPAS) from 15.0 prior to 15.7.0 and from 16.0 prior to 16.3.0 may allow users using edbldr to bypass role permissions from pg_read_server_files. This could allow low privilege users to read files to which they would not otherwise have access.
Published: 2024-05-09T18:12:18.399Z
Updated: 2024-08-01T20:47:40.854Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.