High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables
High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables
15 November 2024
Cybersecurity researchers have disclosed a high-severity security flaw in the PostgreSQL open-source database system that could allow unprivileged users to alter environment variables, and potentially lead to code execution or information disclosure.
The vulnerability, tracked as CVE-2024-10979, carries a CVSS score of 8.8.
Environment variables are user-defined values that can allow a program