CVE-2017-7548

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-7548

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-7548.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2017-7548

Downstream

ALPINE-CVE-2017-7548

DSA-3935-1

DSA-3936-1

RHSA-2017:2677

RHSA-2017:2678

SUSE-SU-2017:2236-1

SUSE-SU-2017:2258-1

SUSE-SU-2017:2355-1

SUSE-SU-2017:2356-1

UBUNTU-CVE-2017-7548

USN-3390-1

Related

Published

2017-08-16T18:29:00Z

Modified

2025-10-29T00:00:31.520796Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers with no privileges on a large object to overwrite the entire contents of the object, resulting in a denial of service.

References

Affected packages

Git / git.postgresql.org/git/postgresql.git

Affected ranges

Type: GIT
Repo: https://git.postgresql.org/git/postgresql.git
Events: Introduced

8ca336f4ac3f08a5f23e76c6e9a5f2c8064f5883

Fixed

6d81d0a215a5b843bf003b0a1c4b43f6d2cccc78

Affected versions

Other

REL9_4_0

REL9_4_1

REL9_4_10

REL9_4_11

REL9_4_12

REL9_4_2

REL9_4_3

REL9_4_4

REL9_4_5

REL9_4_6

REL9_4_7

REL9_4_8

REL9_4_9