CVE-2023-39417
HIGH8.8EPSS 0.66%Postgresql: extension script @substitutions@ within quoting allow sql injection
Published: 8/11/2023Modified: 4/28/2026
Description
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser.
Affected packages (10)
- Alpine/postgresqlfrom 0, < 13.12-r0
- Alpine/postgresql13from 0, < 13.12-r0
- Alpine/postgresql14from 0, < 14.9-r0
- Alpine/postgresql15from 0, < 15.4-r0
- Bitnami/postgresql>= 11.0.0, < 11.21.0, >= 12.0.0, < 12.16.0, >= 13.0.0, < 13.12.0, >= 14.0.0, < 14.9.0, >= 15.0.0, < 15.4.0
- Debian/postgresql-11from 0, < 11.21-0+deb10u2
- Debian/postgresql-13from 0, < 13.13-0+deb11u1
- Debian/postgresql-13from 0, < 13.13-0+deb11u1
- Debian/postgresql-15from 0, < 15.5-0+deb12u1
- Debian/postgresql-15from 0, < 15.5-0+deb12u1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
References (31)
- ADVISORYhttps://security.alpinelinux.org/vuln/CVE-2023-39417
- ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2023-39417
- WEBhttps://access.redhat.com/errata/RHSA-2023:7545
- WEBhttps://access.redhat.com/errata/RHSA-2023:7579
- WEBhttps://access.redhat.com/errata/RHSA-2023:7580
- WEBhttps://access.redhat.com/errata/RHSA-2023:7581
- WEBhttps://access.redhat.com/errata/RHSA-2023:7616
- WEBhttps://access.redhat.com/errata/RHSA-2023:7656
- WEBhttps://access.redhat.com/errata/RHSA-2023:7666
- WEBhttps://access.redhat.com/errata/RHSA-2023:7667
- WEBhttps://access.redhat.com/errata/RHSA-2023:7694
- WEBhttps://access.redhat.com/errata/RHSA-2023:7695
- WEBhttps://access.redhat.com/errata/RHSA-2023:7714
- WEBhttps://access.redhat.com/errata/RHSA-2023:7770
- WEBhttps://access.redhat.com/errata/RHSA-2023:7772
- WEBhttps://access.redhat.com/errata/RHSA-2023:7784
- WEBhttps://access.redhat.com/errata/RHSA-2023:7785
- WEBhttps://access.redhat.com/errata/RHSA-2023:7883
- WEBhttps://access.redhat.com/errata/RHSA-2023:7884
- WEBhttps://access.redhat.com/errata/RHSA-2023:7885
- WEBhttps://access.redhat.com/errata/RHSA-2024:0304
- WEBhttps://access.redhat.com/errata/RHSA-2024:0332
- WEBhttps://access.redhat.com/errata/RHSA-2024:0337
- WEBhttps://access.redhat.com/security/cve/CVE-2023-39417
- WEBhttps://bugzilla.redhat.com/show_bug.cgi?id=2228111
- WEBhttps://lists.debian.org/debian-lts-announce/2023/10/msg00003.html
- WEBhttps://nvd.nist.gov/vuln/detail/CVE-2023-39417
- WEBhttps://security.netapp.com/advisory/ntap-20230915-0002/
- WEBhttps://www.debian.org/security/2023/dsa-5553
- WEBhttps://www.debian.org/security/2023/dsa-5554
- WEBhttps://www.postgresql.org/support/security/CVE-2023-39417