Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Set User Project Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-41558 1 Set User Project 1 Set User 2023-12-10 7.5 HIGH 9.8 CRITICAL
The set_user extension module before 3.0.0 for PostgreSQL allows ProcessUtility_hook bypass via set_config.
CVE-2021-38140 1 Set User Project 1 Set User 2023-12-10 7.5 HIGH 9.8 CRITICAL
The set_user extension module before 2.0.1 for PostgreSQL allows a potential privilege escalation using RESET SESSION AUTHORIZATION after set_user().