High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables
Cybersecurity researchers have disclosed a high-severity security flaw in the PostgreSQL open-source database system that could allow unprivileged users to alter environment variables, and potentially lead to code execution or information disclosure.
The vulnerability, tracked as CVE-2024-10979, carries a CVSS score of 8.8.
Environment variables are user-defined values that can allow a program to dynamically fetch various kinds of information, such as access keys and software installation paths, during runtime without having to hard-code them. In certain operating systems, they are initialized during the startup phase.
See more
The Hackers News: https://thehackernews.com/2024/11/high-severity-flaw-in-postgresql-allows.html
Hackread:
https://hackread.com/postgresql-vulnerability-puts-databases-at-risk/
#cybersecurity #postgres
Oddbean new post about login | logout