CVE-2017-7484 log

Severity Medium
Remote Yes
Type Information disclosure
A security issue has been found in PostgreSQL < 9.6.3, where some selectivity estimation functions did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access.
Group Package Affected Fixed Severity Status Ticket
AVG-272 postgresql 9.6.2-1 9.6.3-1 Medium Fixed
Date Advisory Group Package Severity Type
30 May 2017 ASA-201705-23 AVG-272 postgresql Medium information disclosure