129 matches found
Astra Linux – Vulnerability in PostgresSQL-15
Inclusion of untrusted data in pgdump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for execution during the restore process, as the client operating system account running psql restores the dump using psql meta-commands. pgdumpall is also affected...
EUVD-2017-3367
Malware in sbrugna...
EUVD-2020-18357
Malware in sbrugna...
OESA-2025-2240 libpq security update
PostgreSQL is a powerful, open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. This package provides the essential shared library for any PostgreSQL client program or...
SUSE-SU-2025:03005-2 Security update for postgresql16
This update for postgresql16 fixes the following issues: Upgraded to 16.10: CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view, partition, or child table bsc1248120 CVE-2025-8714: Fixed untrusted data inclusion in pgdump allows superuser of origin server to execute...
MGASA-2025-0230 Updated postgresql15 & postgresql13 packages fix security vulnerabilities
PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table. CVE-2025-8713 PostgreSQL pgdump lets superuser of origin server execute arbitrary code in psql client. CVE-2025-8714 PostgreSQL pgdump newline in object name executes arbitrary code in psql client an...
Alibaba Cloud Linux 3 : 0150: postgresql:13 (ALINUX3-SA-2025:0150)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0150 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-8714: Untrusted data inclusion in...
PostgreSQL pg_dump lets superuser of origin server execute arbitrary code in psql client
...
SUSE-SU-2025:03018-2 Security update for postgresql15
This update for postgresql15 fixes the following issues: Upgrade to 15.14: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. - CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code ...
postgresql: PostgreSQL code execution in restore operation
A flaw was found in PostgreSQL. This vulnerability allows a malicious superuser on a PostgreSQL server to inject arbitrary code into dump files created by pgdump, pgdumpall, and pgrestore, causing arbitrary code execution on the client machine when these dump files are restored by psql due to...
postgresql: PostgreSQL code execution in restore operation
A flaw was found in PostgreSQL. This vulnerability allows a malicious superuser on a PostgreSQL server to inject arbitrary code into dump files created by pgdump, pgdumpall, and pgrestore, causing arbitrary code execution on the client machine when these dump files are restored by psql due to...
SUSE SLES15 / openSUSE 15 Security Update : postgresql14 (SUSE-SU-2025:03019-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03019-1 advisory. Upgrade to 14.19: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child...
Security update for postgresql14
This update for postgresql14 fixes the following issues: Upgrade to 14.19: CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code in...
SUSE-SU-2025:03019-1 Security update for postgresql14
This update for postgresql14 fixes the following issues: Upgrade to 14.19: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. - CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code ...
SUSE-SU-2025:03018-1 Security update for postgresql15
This update for postgresql15 fixes the following issues: Upgrade to 15.14: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. - CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code ...
postgresql: PostgreSQL code execution in restore operation
A flaw was found in PostgreSQL. This vulnerability allows a malicious superuser on a PostgreSQL server to inject arbitrary code into dump files created by pgdump, pgdumpall, and pgrestore, causing arbitrary code execution on the client machine when these dump files are restored by psql due to...
postgresql: PostgreSQL code execution in restore operation
A flaw was found in PostgreSQL. This vulnerability allows a malicious superuser on a PostgreSQL server to inject arbitrary code into dump files created by pgdump, pgdumpall, and pgrestore, causing arbitrary code execution on the client machine when these dump files are restored by psql due to...
SUSE SLES12 Security Update : postgresql15 (SUSE-SU-2025:03004-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03004-1 advisory. Upgrade to 15.14: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. -...
SUSE-SU-2025:03003-1 Security update for postgresql13
This update for postgresql13 fixes the following issues: Upgrade to 13.22: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. - CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code ...
SUSE-SU-2025:02994-1 Security update for postgresql13
This update for postgresql13 fixes the following issues: Upgrade to 13.22: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. - CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code ...