CVE-2018-1052

Memory disclosure vulnerability in table partitioning was found in postgresql 10.x before 10.2, allowing an authenticated attacker to read arbitrary bytes of server memory via purpose-crafted insert to a partitioned table.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 63%
VendorProductVersion
postgresqlpostgresql
10.0
postgresqlpostgresql
10.1
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
postgresql-10
artful
dne
xenial
dne
trusty
dne
postgresql-9.1
artful
dne
xenial
dne
trusty
dne
postgresql-9.4
artful
dne
xenial
dne
trusty
dne
postgresql-9.6
artful
not-affected
xenial
dne
trusty
dne
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/102987
https://www.postgresql.org/about/news/1829/
http://www.securityfocus.com/bid/102987
https://www.postgresql.org/about/news/1829/