CVE-2021-20229

CVE-2021-20229

Vendor N/A
Product PostgreSQL
Weakness CWE-863 · Incorrect authorization
Published February 23, 2021
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privilege on one column to craft a special query that returns all columns of the table. The highest threat from this vulnerability is to confidentiality.

Key dates

02Disclosure timeline

February 23, 2021 CVE published
August 3, 2024 Record updated