CVE-2022-2625

Name
CVE-2022-2625
Description
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser.
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://bugzilla.redhat.com/show_bug.cgi?id=2113825
MISC https://www.postgresql.org/about/news/postgresql-145-138-1212-1117-1022-and-15-beta-3-released-2496/
MISC https://access.redhat.com/security/cve/CVE-2022-2625
GENTOO https://security.gentoo.org/glsa/202211-04

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:* postgresql >= 10.0 < 10.22
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:* postgresql >= 11.0 < 11.17
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:* postgresql >= 12.0 < 12.12
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:* postgresql >= 13.0 < 13.8
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:* postgresql >= 14.0 < 14.5
cpe:2.3:a:postgresql:postgresql:15:beta2:*:*:*:*:*:* postgresql == None == 15

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
postgresql15 edge-main 14.5-r0 None fixed
postgresql15 edge-community 14.5-r0 None fixed
postgresql15 3.20-main 14.5-r0 None fixed
postgresql15 3.19-main 14.5-r0 None fixed
postgresql15 3.18-main 14.5-r0 None fixed
postgresql15 3.17-main 14.5-r0 None fixed
postgresql14 edge-main 14.5-r0 Jakub Jirutka <jakub@jirutka.cz> fixed
postgresql14 edge-community 14.5-r0 None fixed
postgresql14 3.20-community 14.5-r0 None fixed
postgresql14 3.19-community 14.5-r0 None fixed
postgresql14 3.18-main 14.5-r0 None fixed
postgresql14 3.17-main 14.5-r0 None fixed
postgresql13 edge-main 13.8-r0 Jakub Jirutka <jakub@jirutka.cz> fixed
postgresql13 edge-community 13.8-r0 None fixed
postgresql13 3.19-community 13.8-r0 None fixed
postgresql13 3.18-community 13.8-r0 None fixed
postgresql13 3.17-community 13.8-r0 None fixed
postgresql12 edge-community 12.12-r0 Jakub Jirutka <jakub@jirutka.cz> fixed
postgresql12 3.18-community 12.12-r0 None fixed
postgresql12 3.17-community 12.12-r0 None fixed
postgresql edge-main 14.1-r0 Jakub Jirutka <jakub@jirutka.cz> fixed
postgresql edge-main 13.4-r0 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable
postgresql edge-main 13.3-r0 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable
postgresql edge-main 13.2-r0 None possibly vulnerable
postgresql edge-main 12.5-r0 None possibly vulnerable
postgresql edge-main 12.4-r0 None possibly vulnerable
postgresql edge-main 12.2-r0 None possibly vulnerable
postgresql edge-main 11.5-r0 None possibly vulnerable
postgresql edge-main 11.4-r0 None possibly vulnerable
postgresql edge-main 11.3-r0 None possibly vulnerable
postgresql edge-main 11.1-r0 None possibly vulnerable
postgresql edge-main 10.5-r0 None possibly vulnerable
postgresql edge-main 10.4-r0 None possibly vulnerable
postgresql edge-main 10.3-r0 None possibly vulnerable
postgresql edge-main 10.2-r0 None possibly vulnerable
postgresql edge-main 10.1-r0 None possibly vulnerable