An issue has been found in PostgreSQL >= 11.0 and < 11.5. In a database containing hypothetical, user-defined hash equality operators, an attacker could read arbitrary bytes of server memory. For an attack to become possible, a superuser would need to create unusual operators. It is possible for operators not purpose-crafted for attack to have the properties that enable an attack, but we are not aware of specific examples.
|10 Aug 2019||ASA-201908-8||AVG-1019||postgresql||Medium||multiple issues|
|10 Aug 2019||ASA-201908-7||AVG-1019||postgresql-libs||Medium||multiple issues|