QwikSec

Security Database

CVE

CWE

Training

CVE-2021-22028

Published: Nov 19, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

In versions of Greenplum database prior to 5.28.6 and 6.14.0, greenplum database contains a file path traversal vulnerability leading to information disclosure from the file system. A malicious user can read/write information from the file system using this vulnerability.

Vendor	Product	Versions
n/a	gpfdist (Greenplum)	affected `gpfdist (Greenplum) versions 6.x.0 prior to 6.14.0 and 5.28.x prior to 5.28.6`

Weaknesses (CWE)

References

https://github.com/greenplum-db/gpdb/security/advisories/GHSA-hqh5-m87w-57w2

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.