What the vulnerability does

01Description

schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code.

Key dates

02Disclosure timeline

June 9, 2023 CVE published
June 4, 2025 Record updated