CVE-2023-5869
Published: Dec 10, 2023
Modified: Mar 11, 2026
CVSS v3.1
8.8
Description
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory.
| Vendor | Product | Versions |
|---|---|---|
Red Hat | Red Hat Advanced Cluster Security 4.2 | unaffected 4.2.4-6 - < * |
Red Hat | Red Hat Advanced Cluster Security 4.2 | unaffected 4.2.4-6 - < * |
Red Hat | Red Hat Advanced Cluster Security 4.2 | unaffected 4.2.4-7 - < * |
Red Hat | Red Hat Advanced Cluster Security 4.2 | unaffected 4.2.4-6 - < * |
Red Hat | Red Hat Advanced Cluster Security 4.2 | unaffected 4.2.4-7 - < * |
Red Hat | Red Hat Enterprise Linux 7 | unaffected 0:9.2.24-9.el7_9 - < * |
Red Hat | Red Hat Enterprise Linux 8 | unaffected 8090020231114113712.a75119d5 - < * |
Red Hat | Red Hat Enterprise Linux 8 | unaffected 8090020231128173330.a75119d5 - < * |
Red Hat | Red Hat Enterprise Linux 8 | unaffected 8090020231201202407.a75119d5 - < * |
Red Hat | Red Hat Enterprise Linux 8 | unaffected 8090020231114113548.a75119d5 - < * |
Red Hat | Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions | unaffected 8010020231130170510.c27ad7f8 - < * |
Red Hat | Red Hat Enterprise Linux 8.2 Advanced Update Support | unaffected 8020020231128165246.4cda2c84 - < * |
Red Hat | Red Hat Enterprise Linux 8.2 Advanced Update Support | unaffected 8020020231201202149.4cda2c84 - < * |
Red Hat | Red Hat Enterprise Linux 8.2 Telecommunications Update Service | unaffected 8020020231128165246.4cda2c84 - < * |
Red Hat | Red Hat Enterprise Linux 8.2 Telecommunications Update Service | unaffected 8020020231201202149.4cda2c84 - < * |
Red Hat | Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions | unaffected 8020020231128165246.4cda2c84 - < * |
Red Hat | Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions | unaffected 8020020231201202149.4cda2c84 - < * |
Red Hat | Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | unaffected 8040020231127153301.522a0ee4 - < * |
Red Hat | Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | unaffected 8040020231127154806.522a0ee4 - < * |
Red Hat | Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | unaffected 8040020231127142440.522a0ee4 - < * |
Red Hat | Red Hat Enterprise Linux 8.4 Telecommunications Update Service | unaffected 8040020231127153301.522a0ee4 - < * |
Red Hat | Red Hat Enterprise Linux 8.4 Telecommunications Update Service | unaffected 8040020231127154806.522a0ee4 - < * |
Red Hat | Red Hat Enterprise Linux 8.4 Telecommunications Update Service | unaffected 8040020231127142440.522a0ee4 - < * |
Red Hat | Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | unaffected 8040020231127153301.522a0ee4 - < * |
Red Hat | Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | unaffected 8040020231127154806.522a0ee4 - < * |
Red Hat | Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | unaffected 8040020231127142440.522a0ee4 - < * |
Red Hat | Red Hat Enterprise Linux 8.6 Extended Update Support | unaffected 8060020231114115246.ad008a3a - < * |
Red Hat | Red Hat Enterprise Linux 8.6 Extended Update Support | unaffected 8060020231128165328.ad008a3a - < * |
Red Hat | Red Hat Enterprise Linux 8.6 Extended Update Support | unaffected 8060020231201202249.ad008a3a - < * |
Red Hat | Red Hat Enterprise Linux 8.8 Extended Update Support | unaffected 8080020231114105206.63b34585 - < * |
Red Hat | Red Hat Enterprise Linux 8.8 Extended Update Support | unaffected 8080020231128165335.63b34585 - < * |
Red Hat | Red Hat Enterprise Linux 8.8 Extended Update Support | unaffected 8080020231201202316.63b34585 - < * |
Red Hat | Red Hat Enterprise Linux 8.8 Extended Update Support | unaffected 8080020231113134015.63b34585 - < * |
Red Hat | Red Hat Enterprise Linux 9 | unaffected 0:13.13-1.el9_3 - < * |
Red Hat | Red Hat Enterprise Linux 9 | unaffected 9030020231120082734.rhel9 - < * |
Red Hat | Red Hat Enterprise Linux 9.0 Extended Update Support | unaffected 0:13.13-1.el9_0 - < * |
Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support | unaffected 0:13.13-1.el9_2 - < * |
Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support | unaffected 9020020231115020618.rhel9 - < * |
Red Hat | Red Hat Software Collections for Red Hat Enterprise Linux 7 | unaffected 0:12.17-1.el7 - < * |
Red Hat | Red Hat Software Collections for Red Hat Enterprise Linux 7 | unaffected 0:10.23-2.el7 - < * |
Red Hat | Red Hat Software Collections for Red Hat Enterprise Linux 7 | unaffected 0:13.13-1.el7 - < * |
Red Hat | RHACS-3.74-RHEL-8 | unaffected 3.74.8-9 - < * |
Red Hat | RHACS-3.74-RHEL-8 | unaffected 3.74.8-9 - < * |
Red Hat | RHACS-3.74-RHEL-8 | unaffected 3.74.8-7 - < * |
Red Hat | RHACS-3.74-RHEL-8 | unaffected 3.74.8-9 - < * |
Red Hat | RHACS-3.74-RHEL-8 | unaffected 3.74.8-9 - < * |
Red Hat | RHACS-4.1-RHEL-8 | unaffected 4.1.6-6 - < * |
Red Hat | RHACS-4.1-RHEL-8 | unaffected 4.1.6-6 - < * |
Red Hat | RHACS-4.1-RHEL-8 | unaffected 4.1.6-6 - < * |
Red Hat | RHACS-4.1-RHEL-8 | unaffected 4.1.6-6 - < * |
Red Hat | RHACS-4.1-RHEL-8 | unaffected 4.1.6-6 - < * |
Red Hat | Red Hat Enterprise Linux 6 | All versions |
Red Hat | Red Hat Enterprise Linux 8 | All versions |
Red Hat | Red Hat Enterprise Linux 9 | All versions |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now