CVE-2023-22847

Published: Mar 7, 2023

Modified: Mar 6, 2025

PUBLISHED

Description

Information disclosure vulnerability exists in pg_ivm versions prior to 1.5.1. An Incrementally Maintainable Materialized View (IMMV) created by pg_ivm may reflect rows with Row-Level Security that the owner of the IMMV should not have access to. As a result, information in tables protected by Row-Level Security may be retrieved by a user who is not authorized to access it.

Vendor	Product	Versions
IVM Development Group	pg_ivm	affected `versions prior to 1.5.1`

References

https://github.com/sraoss/pg_ivm

https://github.com/sraoss/pg_ivm/releases/tag/v1.5.1

https://jvn.jp/en/jp/JVN19872280/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-22847

Description

Affected Products

References