5 matches found
Amazon Linux 2023 : postgresql17, postgresql17-contrib, postgresql17-llvmjit (ALAS2023-2025-1158)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1158 advisory. PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy...
postgresql: PostgreSQL executes arbitrary code in restore operation
A flaw was found in PostgreSQL. This vulnerability allows a malicious user of the PostgreSQL server to inject arbitrary code in dump files created by pgdump, pgdumpall, pgrestore, and pgupgrade, causing arbitrary code execution on the client machine or SQL injection when these dump files are...
Security update for postgresql15
This update for postgresql15 fixes the following issues: Upgrade to 15.14: CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code in...
SUSE-SU-2025:03018-1 Security update for postgresql15
This update for postgresql15 fixes the following issues: Upgrade to 15.14: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. - CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code ...
postgresql: PostgreSQL executes arbitrary code in restore operation
A flaw was found in PostgreSQL. This vulnerability allows a malicious user of the PostgreSQL server to inject arbitrary code in dump files created by pgdump, pgdumpall, pgrestore, and pgupgrade, causing arbitrary code execution on the client machine or SQL injection when these dump files are...