A vulnerability in PostgreSQL Anonymizer allows a user to gain superuser privileges. By creating a JSON document and placing malicious code inside a particular key-value pair, an attacker can exploit this issue. If a superuser calls the import_database_rules() or import_roles_rules() functions, the malicious code is executed with superuser privileges. This vulnerability has a CVSS score of 6.4 and is clas [truncated]
A privilege escalation vulnerability in PostgreSQL Anonymizer allows authenticated database users to execute arbitrary code with superuser privileges when a superuser invokes the k-anonymity function on a maliciously crafted table. The attack vector involves embedding malicious code within column identifiers, which are then executed during function processing. The vulnerability is more readily exploitable [truncated]