{"id":"CVE-2023-22847","details":"Information disclosure vulnerability exists in pg_ivm versions prior to 1.5.1. An Incrementally Maintainable Materialized View (IMMV) created by pg_ivm may reflect rows with Row-Level Security that the owner of the IMMV should not have access to. As a result, information in tables protected by Row-Level Security may be retrieved by a user who is not authorized to access it.","modified":"2026-04-12T07:24:55.693140Z","published":"2023-03-07T01:15:10.300Z","references":[{"type":"ADVISORY","url":"https://github.com/sraoss/pg_ivm/releases/tag/v1.5.1"},{"type":"ADVISORY","url":"https://jvn.jp/en/jp/JVN19872280/"},{"type":"PACKAGE","url":"https://github.com/sraoss/pg_ivm"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/sraoss/pg_ivm","events":[{"introduced":"0"},{"fixed":"a81c657223261ecb565036020eeb8ffacfe938ea"}],"database_specific":{"source":["CPE_FIELD","REFERENCES"],"cpe":"cpe:2.3:a:sraoss:pg_ivm:*:*:*:*:*:postgresql:*:*","extracted_events":[{"introduced":"0"},{"fixed":"1.5.1"}]}}],"versions":["1.3","v1.0","v1.0-alpha","v1.1","v1.2","v1.3","v1.4","v1.4.1","v1.5"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-22847.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}]}