{"id":"CVE-2017-7548","details":"PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers with no privileges on a large object to overwrite the entire contents of the object, resulting in a denial of service.","modified":"2026-03-12T22:40:33.726209Z","published":"2017-08-16T18:29:00.287Z","related":["MGASA-2017-0316","SUSE-SU-2017:2236-1","SUSE-SU-2017:2258-1","SUSE-SU-2017:2355-1","SUSE-SU-2017:2356-1"],"references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/100276"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1039142"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:2677"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:2678"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201710-06"},{"type":"ADVISORY","url":"https://www.postgresql.org/about/news/1772/"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3935"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3936"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-7548.json","unresolved_ranges":[{"events":[{"introduced":"9.4"},{"fixed":"9.4.13"}]},{"events":[{"introduced":"9.5"},{"fixed":"9.5.8"}]},{"events":[{"introduced":"9.6"},{"fixed":"9.6.4"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}]}