When A Vulnerability is Not a Vulnerability — Sometimes intentional features can get recorded as ‘vulnerabilities’ for the record, such as with CVE-2019-9193 and Postgres’s COPY TO/FROM PROGRAM feature. If you administer a Postgres system at all, it’s worth knowing about in case it has abuse potential on your deployment.
Appears in lists (1)
More like this (4)
Postgres 11.4, 10.9, 9.6.14, 9.5.18, 9.4.23, and 12 Beta 2 Released — A bumper set of...
Using pg_cron to Automatically Schedule Database Tasks — pg_cron is a Postgres extension that runs a...
How to Set Up Vuls, an Agentless Vulnerability Scanner Written in Go