An investigation into PostgreSQL for a fictitious organisation. Completed for an assessment in CMP417.
The organisation's modifications to its database version allowed a security fault to be introduced into the software, specifically CWE-787, which is an out-of-bounds write. This would cause the vulnerability CVE-2019-10164, which could be devastating if an attacker were able to exploit it.
To remediate this, static analysis tools and manual code review were recommended to fix these types of issues in the future, and therefore fix the vulnerability affecting the database.
Grade: A+