{"id":"CVE-2021-38140","details":"The set_user extension module before 2.0.1 for PostgreSQL allows a potential privilege escalation using RESET SESSION AUTHORIZATION after set_user().","modified":"2026-04-12T01:57:23.702889Z","published":"2021-08-10T18:15:07.263Z","references":[{"type":"ADVISORY","url":"https://github.com/pgaudit/set_user/releases/tag/REL2_0_1"},{"type":"FIX","url":"https://github.com/pgaudit/set_user/compare/REL2_0_0...REL2_0_1"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/pgaudit/set_user","events":[{"introduced":"0"},{"fixed":"7ae26e582ac81ba520417daeca43cd43efccb33e"}],"database_specific":{"cpe":"cpe:2.3:a:set_user_project:set_user:*:*:*:*:*:postgresql:*:*","extracted_events":[{"introduced":"0"},{"fixed":"2.0.1"}],"source":["CPE_FIELD","REFERENCES"]}}],"versions":["REL1_0_0","REL1_0_1","REL1_1_0","REL1_2_0","REL1_3_0","REL1_4_0","REL1_5_0","REL1_6_0","REL1_6_1","REL1_6_2","REL1_6_2-rc","REL2_0_0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-38140.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}