CVE-2026-2360

{"id": "CVE-2026-2360", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.0, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 1.3}]}, "published": "2026-02-11T18:16:08.153", "references": [{"url": "https://gitlab.com/dalibo/postgresql_anonymizer/-/blob/latest/NEWS.md", "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007"}, {"url": "https://gitlab.com/dalibo/postgresql_anonymizer/-/issues/616", "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007"}, {"url": "https://www.postgresql.org/docs/current/ddl-schemas.html#DDL-SCHEMAS-PATH", "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "description": [{"lang": "en", "value": "CWE-427"}]}], "descriptions": [{"lang": "en", "value": "PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a custom operator in the public schema and place malicious code in that operator. This operator will later be executed with superuser privileges when the extension is created. The risk is higher with PostgreSQL 14 or with instances upgraded from PostgreSQL 14 or a prior version. With PostgreSQL 15 and later, the creation permission on the public schema is revoked by default and this exploit can only be achieved if a superuser adds a new schema in her/his own search_path and grants the CREATE privilege on that schema to untrusted users, both actions being clearly discouraged by the PostgreSQL documentation. The problem is resolved in PostgreSQL Anonymizer 3.0.1 and further versions"}, {"lang": "es", "value": "PostgreSQL Anonymizer contiene una vulnerabilidad que permite a un usuario obtener privilegios de superusuario al crear un operador personalizado en el esquema p\u00fablico y colocar c\u00f3digo malicioso en ese operador. Este operador ser\u00e1 ejecutado posteriormente con privilegios de superusuario cuando la extensi\u00f3n sea creada. El riesgo es mayor con PostgreSQL 14 o con instancias actualizadas desde PostgreSQL 14 o una versi\u00f3n anterior. Con PostgreSQL 15 y posteriores, el permiso de creaci\u00f3n en el esquema p\u00fablico es revocado por defecto y este exploit solo puede lograrse si un superusuario a\u00f1ade un nuevo esquema en su propio search_path y otorga el privilegio CREATE en ese esquema a usuarios no confiables, ambas acciones siendo claramente desaconsejadas por la documentaci\u00f3n de PostgreSQL. El problema est\u00e1 resuelto en PostgreSQL Anonymizer 3.0.1 y versiones posteriores."}], "lastModified": "2026-04-15T00:35:42.020", "sourceIdentifier": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007"}