Threat Encyclopedia

PostgreSQL: Multiple features escape security restricted operation sandbox

Description

An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser.

Affected Products

PostgreSQL

CVE References

CVE-2020-25695