PT-2020-4891 · Postgresql+9

Nick Cleaton · Published 2020-11-11 · Updated 2026-01-30 · CVE-2020-25696

CVSS v2.0: 7.6 (High)
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions:
PostgreSQL versions prior to 13.1
PostgreSQL versions prior to 12.5
PostgreSQL versions prior to 11.10
PostgreSQL versions prior to 10.15
PostgreSQL versions prior to 9.6.20
PostgreSQL versions prior to 9.5.24
Description: A flaw was found in the psql interactive terminal of PostgreSQL. If an interactive psql session uses the \gset meta-command when querying a compromised server, the attacker can execute arbitrary code as the operating system account running psql. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Recommendations: Update each affected branch to its fixed release or later: 13.1 for versions prior to 13.1, 12.5 for versions prior to 12.5, 11.10 for versions prior to 11.10, 10.15 for versions prior to 10.15, 9.6.20 for versions prior to 9.6.20, and 9.5.24 for versions prior to 9.5.24. As a temporary workaround, consider disabling the use of \gset in interactive psql sessions until a patch is available.

Related Identifiers

ALSA-2020:5620
ALT-PU-2020-3311
ALT-PU-2020-3312
ALT-PU-2020-3313
ALT-PU-2020-3314
ALT-PU-2020-3315
ALT-PU-2020-3316
ALT-PU-2020-3320
ALT-PU-2020-3321
ALT-PU-2020-3456
ALT-PU-2020-3457
ALT-PU-2020-3458
ALT-PU-2020-3459
ALT-PU-2020-3460
ALT-PU-2021-1901
ALT-PU-2021-1903
ALT-PU-2021-1904
BDU:2020-05466
BIT-POSTGRESQL-2020-25696
CESA-2020_5401
CESA-2020_5567
CESA-2020_5619
CESA-2020_5620
CLEANSTART-2026-FW42039
CLEANSTART-2026-HJ04971
CVE-2020-25696
DLA-2478-1
ECHO-29D7-C7C3-A6CC
MGASA-2020-0432
OPENSUSE-SU-2020:2018-1
OPENSUSE-SU-2020:2019-1
OPENSUSE-SU-2020:2028-1
OPENSUSE-SU-2020:2029-1
OPENSUSE-SU-2020_2018-1
OPENSUSE-SU-2020_2019-1
OPENSUSE-SU-2020_2028-1
OPENSUSE-SU-2020_2029-1
OPENSUSE-SU-2021:0337-1
OPENSUSE-SU-2021_0337-1
OPENSUSE-SU-2024:11184-1
OPENSUSE-SU-2024:11185-1
OPENSUSE-SU-2024:11186-1
OPENSUSE-SU-2024:11187-1
OPENSUSE-SU-2024:12387-1
OPENSUSE-SU-2024:13243-1
OPENSUSE-SU-2024:14360-1
OPENSUSE-SU-2025:15580-1
RHSA-2020:5316
RHSA-2020:5317
RHSA-2020:5401
RHSA-2020:5567
RHSA-2020:5619
RHSA-2020:5620
RHSA-2020:5638
RHSA-2020:5661
RHSA-2020:5664
RHSA-2020_5401
RHSA-2020_5567
RHSA-2020_5619
RHSA-2020_5620
RHSA-2021:0057
RHSA-2021:0161
RHSA-2021:0163
RHSA-2021:0164
RHSA-2021:0165
RHSA-2021:0166
RHSA-2021:0167
RLSA-2020:5620
SUSE-SU-2020:3425-1
SUSE-SU-2020:3455-1
SUSE-SU-2020:3463-1
SUSE-SU-2020:3464-1
SUSE-SU-2020:3476-1
SUSE-SU-2020:3477-1
SUSE-SU-2020:3630-1
SUSE-SU-2021:0175-1
SUSE-SU-2021:0217-1
USN-4633-1

Affected Products

ALT Linux
AlmaLinux
Astra Linux
CentOS
Linux Mint
PostgreSQL
Red Hat
Rocky Linux
SUSE
Ubuntu