CVE-2021-20229 log

Severity Medium
Remote Yes
Type Information disclosure
A security issue was found in  PostgreSQL 13 before version 13.2. A user having a SELECT privilege on an individual column can craft a special query that returns all columns of the table. Additionally, a stored view that uses column-level privileges will have incomplete column-usage bitmaps. In installations that depend on column-level permissions for security, it is recommended to execute CREATE OR REPLACE on all user-defined views to force them to be re-parsed.
Group Package Affected Fixed Severity Status Ticket
AVG-1567 postgresql 13.1-3 13.2-1 Medium Fixed
Date Advisory Group Package Severity Type
20 Feb 2021 ASA-202102-31 AVG-1567 postgresql Medium information disclosure