13277 matches found

OSV
added 2025/08/18 12:33 p.m. · 4 views

SUSE-SU-2025:02842-1 Security update for postgresql13

This update for postgresql13 fixes the following issues: Upgrade to 13.22: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. - CVE-2025-8714: untrusted data inclusion in pg_dump lets superuser of origin server execute arbitrary code ...

CVSS 8.8 · AI score 6.3 · EPSS 0.00709
Exploits: 1 · References: 7

OSV
added 2025/08/18 8:11 a.m. · 5 views

BIT-POSTGRESQL-2025-8715 PostgreSQL pg_dump newline in object name executes arbitrary code in psql client and in restore target server

Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks...

CVSS 8.8 · AI score 8.5 · EPSS 0.00385
Exploits: 0 · References: 2

OSV
added 2025/08/18 8:11 a.m. · 6 views

BIT-POSTGRESQL-2025-8714 PostgreSQL pg_dump lets superuser of origin server execute arbitrary code in psql client

Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected...

CVSS 8.8 · AI score 7.6 · EPSS 0.00709
Exploits: 1 · References: 2

OSV
added 2025/08/18 8:11 a.m. · 6 views

BIT-POSTGRESQL-2025-8713 PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table

PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this...

CVSS 3.1 · AI score 7 · EPSS 0.00205
Exploits: 0 · References: 2

RedHat Linux
added 2025/08/18 12:53 a.m. · 3 views

database/sql: Postgres Scan Race Condition

A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leadin...

CVSS 7 · AI score 6.2 · EPSS 0.00331
Exploits: 0 · References: 8

RedHat Linux
added 2025/08/18 12:42 a.m. · 2 views

database/sql: Postgres Scan Race Condition

A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leadin...

CVSS 7 · AI score 6.2 · EPSS 0.00331
Exploits: 0 · References: 8

Positive Technologies
added 2025/08/18 12:0 a.m. · 3 views

PT-2025-33673 · Aiven · Aiven-Db-Migrate

Name of the Vulnerable Software and Affected Versions: aiven-db-migrate versions prior to 1.0.7 Description: aiven-db-migrate is a database migration tool. A privilege escalation issue exists that could allow elevation to superuser inside PostgreSQL databases during a migration from an untrusted...

CVSS 9.1 · AI score 7.6 · EPSS 0.00575
Exploits: 0 · References: 10

Positive Technologies
added 2025/08/18 12:0 a.m. · 7 views

PT-2025-33672 · Aiven · Aiven-Db-Migrate

Name of the Vulnerable Software and Affected Versions: aiven-db-migrate versions prior to 1.0.7 Description: aiven-db-migrate is a database migration tool. A privilege escalation issue exists that allows a user to elevate to superuser inside PostgreSQL databases during a migration from an untrust...

CVSS 9.1 · AI score 7.5 · EPSS 0.00675
Exploits: 0 · References: 9

Tenable Nessus
added 2025/08/18 12:0 a.m. · 4 views

Linux Distros Unpatched Vulnerability : CVE-2020-25694

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that...

CVSS 8.1 · AI score 6.2 · EPSS 0.01574
Exploits: 0 · References: 2

Tenable Nessus
added 2025/08/18 12:0 a.m. · 5 views

Linux Distros Unpatched Vulnerability : CVE-2024-10976

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and...

CVSS 7.5 · AI score 6.3 · EPSS 0.01807
Exploits: 0 · References: 2

Tenable Nessus
added 2025/08/18 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2024-10977

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to the libpq...

CVSS 3.7 · AI score 6.5 · EPSS 0.0038
Exploits: 0 · References: 3

Tenable Nessus
added 2025/08/18 12:0 a.m. · 5 views

Linux Distros Unpatched Vulnerability : CVE-2024-23835

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.3, excessive memory u...

CVSS 7.5 · AI score 7.1 · EPSS 0.00927
Exploits: 0 · References: 2

Tenable Nessus
added 2025/08/18 12:0 a.m. · 5 views

Linux Distros Unpatched Vulnerability : CVE-2021-22880

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service REDoS vulnerability. Carefully...

CVSS 7.5 · AI score 6.7 · EPSS 0.04434
Exploits: 1 · References: 2

Tenable Nessus
added 2025/08/18 12:0 a.m. · 5 views

Linux Distros Unpatched Vulnerability : CVE-2024-10978

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires...

CVSS 4.2 · AI score 6.3 · EPSS 0.00705
Exploits: 0 · References: 2

OPENSUSE Linux
added 2025/08/17 12:0 a.m. · 4 views

postgresql16-16.10-1.1 on GA media (moderate)

postgresql16-16.10-1.1 on GA media Announcement ID: openSUSE-SU-2025:15454-1 Rating: moderate Cross-References: CVE-2025-8713 CVE-2025-8714 CVE-2025-8715 CVSS scores: CVE-2025-8713 SUSE : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2025-8713 SUSE : 5.3...

CVSS 8.8 · AI score 7.5 · EPSS 0.00709
Exploits: 1

OPENSUSE Linux
added 2025/08/16 12:0 a.m. · 3 views

postgresql15-15.14-1.1 on GA media (moderate)

postgresql15-15.14-1.1 on GA media Announcement ID: openSUSE-SU-2025:15453-1 Rating: moderate Cross-References: CVE-2025-8713 CVE-2025-8714 CVE-2025-8715 CVSS scores: CVE-2025-8713 SUSE : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2025-8713 SUSE : 5.3...

CVSS 8.8 · AI score 7.5 · EPSS 0.00709
Exploits: 1

OPENSUSE Linux
added 2025/08/16 12:0 a.m. · 4 views

postgresql13-13.22-1.1 on GA media (moderate)

postgresql13-13.22-1.1 on GA media Announcement ID: openSUSE-SU-2025:15451-1 Rating: moderate Cross-References: CVE-2025-8713 CVE-2025-8714 CVE-2025-8715 CVSS scores: CVE-2025-8713 SUSE : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2025-8713 SUSE : 5.3...

CVSS 8.8 · AI score 7.5 · EPSS 0.00709
Exploits: 1

OPENSUSE Linux
added 2025/08/16 12:0 a.m. · 3 views

postgresql14-14.19-1.1 on GA media (moderate)

postgresql14-14.19-1.1 on GA media Announcement ID: openSUSE-SU-2025:15452-1 Rating: moderate Cross-References: CVE-2025-8713 CVE-2025-8714 CVE-2025-8715 CVSS scores: CVE-2025-8713 SUSE : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2025-8713 SUSE : 5.3...

CVSS 8.8 · AI score 7.5 · EPSS 0.00709
Exploits: 1

OSV
added 2025/08/15 12:0 a.m. · 2 views

OPENSUSE-SU-2025:15451-1 postgresql14-14.19-1.1 on GA media

These are all security issues fixed in the postgresql14-14.19-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 8.8 · AI score 5.8 · EPSS 0.00709
Exploits: 1 · References: 3

OSV
added 2025/08/15 12:0 a.m. · 1 views

OPENSUSE-SU-2025:15452-1 postgresql15-15.14-1.1 on GA media

These are all security issues fixed in the postgresql15-15.14-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 8.8 · AI score 5.8 · EPSS 0.00709
Exploits: 1 · References: 3