BDU:2026-07098

BDU

High

Уязвимость функции lo_export(), lo_read(), lo_lseek64() и lo_tell64() клиентской библиотеке libpq системы управления базами данных PostgreS…

CVSS

8.8

High

EPSS

0.00

Published

2026-01-01

Updated

2026-01-01

Description

Уязвимость функции lo_export(), lo_read(), lo_lseek64() и lo_tell64() клиентской библиотеке libpq системы управления базами данных PostgreSQL связана с использованием изначально опасной функции. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, перезаписать память стека pg_dump или psql

Tags · CWE

Pre-auth

Affected products

Novell inc. Suse manager proxyNovell inc. Suse manager proxyNovell inc. Suse manager proxyNovell inc. Suse manager proxyNovell inc. Suse manager proxyNovell inc. Suse manager proxyNovell inc. Suse manager proxyNovell inc. Suse manager proxyNovell inc. Suse manager proxyNovell inc. Suse manager proxyNovell inc. Suse manager proxyNovell inc. Suse manager proxyNovell inc. Suse manager proxyNovell inc. Suse manager proxyNovell inc. Suse manager proxyNovell inc. Suse manager proxyNovell inc. Suse manager proxyPostgres professional Postgres pro certifiedPostgres professional Postgres pro certifiedPostgres professional Postgres pro certified

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Timeline

2026-01-01

Published

2026-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: N

Network (N)

Attack Complexity

AC: L

Low (L)

Privileges Required

PR: N

None (N)

User Interaction

UI: R

Required (R)

Scope

S: U

Unchanged (U)

Confidentiality Impact

C: H

High (H)

Integrity Impact

I: H

High (H)

Availability Impact

A: H

High (H)

Exploit indicators

EPSS

0.000 · p0

Known exploited (KEV)

Known exploits — Сканер-ВС

No Сканер-ВС checks registered for this vulnerability yet.

Affected software

Product	Vendor	Status
suse manager proxy	novell inc.	Tracked
suse manager proxy	novell inc.	Tracked
suse manager proxy	novell inc.	Tracked
suse manager proxy	novell inc.	Tracked
suse manager proxy	novell inc.	Tracked
suse manager proxy	novell inc.	Tracked
suse manager proxy	novell inc.	Tracked
suse manager proxy	novell inc.	Tracked
suse manager proxy	novell inc.	Tracked
suse manager proxy	novell inc.	Tracked
suse manager proxy	novell inc.	Tracked
suse manager proxy	novell inc.	Tracked
suse manager proxy	novell inc.	Tracked
suse manager proxy	novell inc.	Tracked
suse manager proxy	novell inc.	Tracked
suse manager proxy	novell inc.	Tracked
suse manager proxy	novell inc.	Tracked
postgres pro certified	postgres professional	Tracked
postgres pro certified	postgres professional	Tracked
postgres pro certified	postgres professional	Tracked

Source databases

BDU

Related vulnerabilities

CVE-2026-6477

External references

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2026-6477@https://www.postgresql.org/support/security/CVE-2026-6477/@https://www.postgresql.org/about/news/postgresql-184-1710-1614-1518-and-1423-released-3297/@https://security-tracker.debian.org/tracker/CVE-2026-6477@https://www.cybersecurity-help.cz/vdb/vulns/131459/@https://www.suse.com/security/cve/CVE-2026-6477.html@https://platformv.sbertech.ru/@https://sbertech.ru/products/platformv@https://cve.basealt.ru/@https://redos.red-soft.ru/product/red-os/@https://altsp.su/obnovleniya-bezopasnosti/