CVE-2021-20229 vulnerability in PostgreSQL and Other Products
Published on February 23, 2021
A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privilege on one column to craft a special query that returns all columns of the table. The highest threat from this vulnerability is to confidentiality.
Weakness Type
What is an AuthZ Vulnerability?
The software performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.
CVE-2021-20229 has been classified to as an AuthZ vulnerability or weakness.
Products Associated with CVE-2021-20229
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-20229 are published in these products:
Exploit Probability
EPSS
0.09%
Percentile
24.83%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.