Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
pgAgent scheduled batch job scripts are created in a predictable temporary directory potentially allowing a denial of service
Vulnerability Description
When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator is used when generating the directory name, leading to the possibility for a local attacker to pre-create the directory and thus prevent pgAgent from executing jobs, disrupting scheduled tasks.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
可预测问题
Vulnerability Title
pgAgent 安全漏洞
Vulnerability Description
pgAgent是pgAdmin Project开源的一个 PostgreSQL 的作业调度程序。 pgAgent 4.2.3之前版本存在安全漏洞,该漏洞源于生成目录名时使用的随机数生成器初始化不足,导致本地攻击者可预先创建目录来阻止pgAgent执行作业,从而扰乱计划任务。
CVSS Information
N/A
Vulnerability Type
N/A