Lucene search
K

256 matches found

OSV
OSV
added 2025/08/14 1:15 p.m.2 views

DEBIAN-CVE-2025-8713

PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this...

3.1CVSS6AI score0.00205EPSS
Exploits0References1
OSV
OSV
added 2025/08/14 1:15 p.m.9 views

CVE-2025-8713

PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this...

3.1CVSS7.8AI score0.00205EPSS
Exploits0References1
NVD
NVD
added 2025/08/14 1:15 p.m.8 views

CVE-2025-8713

PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this...

3.1CVSS0.00205EPSS
Exploits0References1
OSV
OSV
added 2025/08/14 1:15 p.m.7 views

UBUNTU-CVE-2025-8713

PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this...

3.1CVSS7.1AI score0.00205EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/08/14 1:0 p.m.4 views

CVE-2025-8713 PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table

PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this...

3.1CVSS7AI score0.00205EPSS
Exploits0References1
Snyk
Snyk
added 2025/08/14 1:0 p.m.0 views

Exposure of Sensitive Information Through Metadata

Overview Affected versions of this package are vulnerable to Exposure of Sensitive Information Through Metadata via optimizer statistics. An attacker can access sensitive sampled data by querying views, partitions, or child tables by crafting a leaky operator that bypasses view access control lis...

4.3CVSS7.2AI score0.00205EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/14 1:0 p.m.14 views

CVE-2025-8713 PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table

PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this...

3.1CVSS0.00205EPSS
Exploits0References1
CVE
CVE
added 2025/08/14 1:0 p.m.83 views

CVE-2025-8713

CVE-2025-8713 concerns PostgreSQL: attacker can read sampled statistics data (e.g., histograms, most-common-values) from columns via optimizer statistics, potentially bypassing view ACLs and row security policies in partitioning/inheritance hierarchies. Affected: PostgreSQL versions prior to 17.6...

3.1CVSS7AI score0.00205EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/08/14 1:0 p.m.4 views

CVE-2025-8713

PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this...

3.1CVSS6AI score0.00205EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/08/14 1:0 p.m.4 views

CVE-2025-8713

PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this...

3.1CVSS7.1AI score0.00205EPSS
Exploits0
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.4 views

PostgreSQL 安全漏洞

PostgreSQL is a free object-relational database management system from the PostgreSQL organization. The system supports most of the SQL standards and provides many other features such as foreign keys, triggers, views, and more. A security vulnerability exists in PostgreSQL versions 17.6, 16.10,...

3.1CVSS7.8AI score0.00205EPSS
Exploits0References3
PostrgeSql
PostrgeSql
added 2025/08/14 12:0 a.m.41 views

Vulnerability in core server (CVE-2025-8713)

PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intende...

3.1CVSS6.6AI score0.00205EPSS
Exploits0References1Affected Software1
F5 Networks
F5 Networks
added 2025/08/08 7:50 p.m.8 views

K000152931: Multiple PostgreSQL vulnerabilities

Security Advisory Description CVE-2023-2455 Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other...

8.8CVSS7.8AI score0.04322EPSS
Exploits0
Broadcom
Broadcom
added 2025/07/08 12:0 a.m.15 views

Multiple vulnerabilities detected in PostgreSQL

Multiple PostgreSQL vulnerability updates CVE-2025-1094-PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2024-10979-PostgreSQL PL/Perl environment variable changes execute arbitrary code CVE-2024-10978-PostgreSQL SET ROLE, SET SESSION AUTHORIZATI...

10CVSS8.4AI score0.89472EPSS
Exploits11
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.3 views

TencentOS Server 3: postgresql:15 (TSSA-2024:1121)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:1121 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

8.8CVSS7.3AI score0.04422EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.4 views

TencentOS Server 4: postgresql (TSSA-2024:0559)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0559 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

8.8CVSS7.5AI score0.01572EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.3 views

TencentOS Server 3: postgresql:12 (TSSA-2024:1120)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:1120 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

8.8CVSS7.3AI score0.04422EPSS
Exploits1References4
F5 Networks
F5 Networks
added 2025/02/07 11:22 a.m.21 views

K000149707: PostgreSQL vulnerability CVE-2024-10976

Security Advisory Description Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a...

5.4CVSS6.2AI score0.00786EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/12/23 12:0 a.m.19 views

Amazon Linux 2 : postgresql (ALASPOSTGRESQL14-2024-014)

The version of postgresql installed on the remote host is prior to 14.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2POSTGRESQL14-2024-014 advisory. Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change...

8.8CVSS7.3AI score0.04422EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2024/12/23 12:0 a.m.23 views

Amazon Linux 2 : libpq (ALASPOSTGRESQL14-2024-015)

The version of libpq installed on the remote host is prior to 14.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2POSTGRESQL14-2024-015 advisory. Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different...

8.8CVSS7.3AI score0.04422EPSS
Exploits1References10
Rows per page
Query Builder