Candidate: CVE-2021-20229
PublicDate: 2021-02-23 18:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20229
 https://www.postgresql.org/about/news/postgresql-132-126-1111-1016-9621-and-9525-released-2165/
Description:
 A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a
 user with SELECT privilege on one column to craft a special query that
 returns all columns of the table. The highest threat from this
 vulnerability is to confidentiality.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by: Sven Klemm
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N [4.3 MEDIUM]


Patches_postgresql-13:
upstream_postgresql-13: released (13.2-1)
precise/esm_postgresql-13: DNE
trusty_postgresql-13: ignored (out of standard support)
trusty/esm_postgresql-13: DNE
xenial_postgresql-13: DNE
bionic_postgresql-13: DNE
focal_postgresql-13: DNE
groovy_postgresql-13: DNE
devel_postgresql-13: released (13.2-1)