Upgrade PostgreSQL today to avoid CVE-2024-7348 vulnerability

Elizabet Oliveira

Community

Community Picks is a section on daily.dev where our community members share the most interesting and valuable content they've discovered online. From insightful articles to handy tools, every post is a gem curated by our dedicated coomunity. To contribute to Community Picks, you need to have at least 250 reputation points, ensuring that only active and trusted members can share their finds.

Community Picks

A critical security vulnerability, CVE-2024-7348, impacts PostgreSQL versions 12 through 16, allowing attackers to execute arbitrary SQL code during `pg_dump` operations. The PostgreSQL team has released minor updates that fix this TOCTOU race condition vulnerability by introducing a new server parameter, `restrict_nonsystem_relation_kind`. Users are urged to upgrade immediately and review their setup, including user permissions, to avoid potential data compromise.

Why you should upgrade PostgreSQL today

Why Should You Upgrade Your PostgreSQL Today? 🦉