suse · CVE-2017-7486

Quick triage

Priority: medium Published: 2021-05-30 13:54:42 UTC Updated: 2025-10-05 02:22:09 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2017-7486 severity moderate: SUSE including 60 source package names (libecpg6-10.10-1.15.1, libecpg6-10.5-1.3.1, …), 122 product×package rows across 25 product lines (SUSE Liberty Linux 7, SUSE Linux Enterprise Desktop 12 SP2, … (25 product lines)): Fixed 122.

Description:

PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server.

cvelogic Threat Intelligence