CVE-2022-1552

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-1552

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-1552.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-1552

Aliases

BIT-postgresql-2022-1552

Downstream

ALPINE-CVE-2022-1552

DEBIAN-CVE-2022-1552

DSA-5135-1

DSA-5136-1

OESA-2022-2104

RHSA-2022:4771

RHSA-2022:4805

RHSA-2022:4807

RHSA-2022:4854

RHSA-2022:4855

RHSA-2022:4856

RHSA-2022:4857

RHSA-2022:4893

RHSA-2022:4894

RHSA-2022:4895

RHSA-2022:4913

RHSA-2022:4915

RHSA-2022:4929

RHSA-2022:5162

SUSE-SU-2022:1804-1

SUSE-SU-2022:1835-1

SUSE-SU-2022:1869-1

SUSE-SU-2022:1874-1

SUSE-SU-2022:1890-1

SUSE-SU-2022:1894-1

SUSE-SU-2022:1895-1

SUSE-SU-2022:1908-1

SUSE-SU-2022:2893-1

SUSE-SU-2022:2958-1

UBUNTU-CVE-2022-1552

USN-5440-1

USN-5676-1

openSUSE-SU-2024:12072-1

openSUSE-SU-2024:12073-1

openSUSE-SU-2024:12075-1

openSUSE-SU-2024:12076-1

openSUSE-SU-2024:12077-1

openSUSE-SU-2024:13243-1

openSUSE-SU-2024:14360-1

Related

Published

2022-08-31T16:15:09Z

Modified

2024-11-21T06:40:57Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not at all during the process. This flaw allows an attacker with permission to create non-temporary objects in at least one schema to execute arbitrary SQL functions under a superuser identity.

References

Affected packages