Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

SUSE SLES15 Security Update : postgresql14 (SUSE-SU-2025:03019-2)

🗓️ 14 Oct 2025 00:00:00Reported by TenableType 
nessus
 nessus🔗 www.tenable.com👁 2 Views

SUSE SLES15 PostgreSQL update to 14.19 fixes CVE-2025-8713, CVE-2025-8714, CVE-2025-8715.

Related
Refs
Code
ReporterTitlePublishedViews
Family
GithubExploit		Exploit for CVE-2025-8714
31 Aug 202515:11
githubexploit
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in PostgreSQL affect PowerVM VIOS
29 Apr 202618:54
ibm
Tenable Nessus		Amazon Linux 2023 : postgresql17, postgresql17-contrib, postgresql17-llvmjit (ALAS2023-2025-1158)
8 Sep 202500:00
nessus
Tenable Nessus		Amazon Linux 2023 : postgresql15, postgresql15-contrib, postgresql15-llvmjit (ALAS2023-2025-1165)
8 Sep 202500:00
nessus
Tenable Nessus		Amazon Linux 2023 : postgresql16, postgresql16-contrib, postgresql16-llvmjit (ALAS2023-2025-1177)
15 Sep 202500:00
nessus
Tenable Nessus		Amazon Linux 2 : postgresql, --advisory ALAS2-2025-3035 (ALAS-2025-3035)
15 Oct 202500:00
nessus
Tenable Nessus		Amazon Linux 2 : postgresql, --advisory ALAS2POSTGRESQL13-2025-012 (ALASPOSTGRESQL13-2025-012)
5 Sep 202500:00
nessus
Tenable Nessus		Amazon Linux 2 : postgresql, --advisory ALAS2POSTGRESQL14-2025-019 (ALASPOSTGRESQL14-2025-019)
5 Sep 202500:00
nessus
Tenable Nessus		Alibaba Cloud Linux 3 : 0150: postgresql:13 (ALINUX3-SA-2025:0150)
8 Sep 202500:00
nessus
Tenable Nessus		AlmaLinux 10 : postgresql16 (ALSA-2025:14826)
9 Oct 202500:00
nessus
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2025:03019-2. The text itself
# is copyright (C) SUSE.
##

include('compat.inc');

if (description)
{
  script_id(270310);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/21");

  script_cve_id("CVE-2025-8713", "CVE-2025-8714", "CVE-2025-8715");
  script_xref(name:"SuSE", value:"SUSE-SU-2025:03019-2");
  script_xref(name:"IAVB", value:"2025-B-0140-S");

  script_name(english:"SUSE SLES15 Security Update : postgresql14 (SUSE-SU-2025:03019-2)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as
referenced in the SUSE-SU-2025:03019-2 advisory.

    Upgrade to 14.19:

    - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table
    (bsc#1248120).
    - CVE-2025-8714: untrusted data inclusion in `pg_dump` lets superuser of origin server execute arbitrary
    code in psql
      client (bsc#1248122).
    - CVE-2025-8715: improper neutralization of newlines in `pg_dump` allows execution of arbitrary code in
    psql client and
      in restore target server (bsc#1248119).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1248119");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1248120");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1248122");
  script_set_attribute(attribute:"see_also", value:"https://lists.suse.com/pipermail/sle-updates/2025-October/042113.html");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2025-8713");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2025-8714");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2025-8715");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-8715");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2025/08/14");
  script_set_attribute(attribute:"patch_publication_date", value:"2025/10/13");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/10/14");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql14");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql14-contrib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql14-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql14-docs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql14-plperl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql14-plpython");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql14-pltcl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql14-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql14-server-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql14-test");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2025-2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)(?:_SAP)?\d+)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES15|SLES_SAP15)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);

var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLES15" && (! preg(pattern:"^(7)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES15 SP7", os_ver + " SP" + service_pack);
if (os_ver == "SLES_SAP15" && (! preg(pattern:"^(7)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES_SAP15 SP7", os_ver + " SP" + service_pack);

var pkgs = [
    {'reference':'postgresql14-14.19-150600.16.20.1', 'sp':'7', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.7']},
    {'reference':'postgresql14-contrib-14.19-150600.16.20.1', 'sp':'7', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.7']},
    {'reference':'postgresql14-devel-14.19-150600.16.20.1', 'sp':'7', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.7']},
    {'reference':'postgresql14-docs-14.19-150600.16.20.1', 'sp':'7', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.7']},
    {'reference':'postgresql14-plperl-14.19-150600.16.20.1', 'sp':'7', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.7']},
    {'reference':'postgresql14-plpython-14.19-150600.16.20.1', 'sp':'7', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.7']},
    {'reference':'postgresql14-pltcl-14.19-150600.16.20.1', 'sp':'7', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.7']},
    {'reference':'postgresql14-server-14.19-150600.16.20.1', 'sp':'7', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.7']},
    {'reference':'postgresql14-server-devel-14.19-150600.16.20.1', 'sp':'7', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.7']},
    {'reference':'postgresql14-test-14.19-150600.16.20.1', 'sp':'7', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.7']},
    {'reference':'postgresql14-14.19-150600.16.20.1', 'sp':'7', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.7', 'sle-module-legacy-release-15.7', 'sles-release-15.7']},
    {'reference':'postgresql14-contrib-14.19-150600.16.20.1', 'sp':'7', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.7', 'sle-module-legacy-release-15.7', 'sles-release-15.7']},
    {'reference':'postgresql14-devel-14.19-150600.16.20.1', 'sp':'7', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.7', 'sle-module-legacy-release-15.7', 'sles-release-15.7']},
    {'reference':'postgresql14-docs-14.19-150600.16.20.1', 'sp':'7', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.7', 'sle-module-legacy-release-15.7', 'sles-release-15.7']},
    {'reference':'postgresql14-plperl-14.19-150600.16.20.1', 'sp':'7', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.7', 'sle-module-legacy-release-15.7', 'sles-release-15.7']},
    {'reference':'postgresql14-plpython-14.19-150600.16.20.1', 'sp':'7', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.7', 'sle-module-legacy-release-15.7', 'sles-release-15.7']},
    {'reference':'postgresql14-pltcl-14.19-150600.16.20.1', 'sp':'7', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.7', 'sle-module-legacy-release-15.7', 'sles-release-15.7']},
    {'reference':'postgresql14-server-14.19-150600.16.20.1', 'sp':'7', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.7', 'sle-module-legacy-release-15.7', 'sles-release-15.7']},
    {'reference':'postgresql14-server-devel-14.19-150600.16.20.1', 'sp':'7', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.7', 'sle-module-legacy-release-15.7', 'sles-release-15.7']},
    {'reference':'postgresql14-test-14.19-150600.16.20.1', 'sp':'7', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.7', 'sle-module-legacy-release-15.7', 'sles-release-15.7']}
];

var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
  var reference = NULL;
  var _release = NULL;
  var sp = NULL;
  var _cpu = NULL;
  var exists_check = NULL;
  var rpm_spec_vers_cmp = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) _release = package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (reference && _release) {
    if (exists_check) {
      var check_flag = 0;
      foreach var check (exists_check) {
        if (!rpm_exists(release:_release, rpm:check)) continue;
        check_flag++;
      }
      if (!check_flag) continue;
    }
    if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'postgresql14 / postgresql14-contrib / postgresql14-devel / etc');
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
21 Jan 2026 00:00Current
8.3High risk
Vulners AI Score8.3
CVSS 3.18.8
EPSS0.00085
SSVC
PostgreSQL updateCVE 2025 8713CVE 2025 8714CVE 2025 8715
2