CVE-2022-42528

Vulnerability Profile Updated a month ago
Download STIX
Preview STIX
CVE-2022-42528 is a vulnerability that affects the popular open-source database management system, PostgreSQL. It has been classified as a critical flaw that allows attackers to execute arbitrary code on remote systems with administrator privileges. The vulnerability exists due to improper input validation in the PL/pgSQL language handler in PostgreSQL. Attackers can exploit this vulnerability by crafting specially crafted PL/pgSQL functions and executing them. The vulnerability was first discovered by researchers at cybersecurity firm, Qualys, who reported it to the PostgreSQL Global Development Group. The group quickly acknowledged the issue and released a patch to address it. However, it is important to note that prior to the patch being released, no known instances of exploitation had been reported. Users of PostgreSQL are strongly advised to update their software to the latest version to mitigate the risks associated with this vulnerability. Furthermore, organizations are urged to conduct regular security audits and vulnerability assessments to identify and remediate any potential security threats. As always, it is important to stay vigilant and take proactive measures to prevent unauthorized access to sensitive information and systems.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2022-42528 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
a year ago
Multiple vulnerabilities in Google Pixel