Lucene search
+L

10 matches found

nessus
nessus
added 2025/11/20 12:0 a.m.15 views

Oracle Linux 7 : postgresql (ELSA-2025-16099)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-16099 advisory. - Restrict psql meta-commands in plain-text dumps Orabug: 38442031CVE-2025-8714 - Resolves CVE-2025-1094: Improper neutralization of quoting syntax in certain...

8.8CVSS7.9AI score0.89914EPSS
Exploits11References2
oraclelinux
oraclelinux
added 2025/11/19 12:0 a.m.9 views

postgresql security update

9.2.24-9.0.7 - Restrict psql meta-commands in plain-text dumps Orabug: 38442031CVE-2025-8714 9.2.24-9.0.5 - Resolves CVE-2025-1094: Improper neutralization of quoting syntax in certain - libpq functions Orabug: 37843176...

8.8CVSS7AI score0.89914EPSS
Exploits11
osv
osv
added 2025/09/12 2:24 p.m.4 views

OESA-2025-2240 libpq security update

PostgreSQL is a powerful, open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. This package provides the essential shared library for any PostgreSQL client program or...

8.8CVSS8.2AI score0.00736EPSS
Exploits1References4
susecve
susecve
added 2025/08/14 11:29 p.m.4 views

SUSE CVE-2025-8715

Improper neutralization of newlines in pgdump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks...

8.8CVSS8.5AI score0.00412EPSS
Exploits0References28
osv
osv
added 2025/08/14 1:15 p.m.4 views

ALPINE-CVE-2025-8715

Improper neutralization of newlines in pgdump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks...

8.8CVSS8.5AI score0.00412EPSS
Exploits0References1
osv
osv
added 2025/08/14 1:15 p.m.1 views

DEBIAN-CVE-2025-8714

Untrusted data inclusion in pgdump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pgdumpall is also affected. pgrestore is affected...

8.8CVSS7.2AI score0.00736EPSS
Exploits1References1
snyk
snyk
added 2025/08/14 1:0 p.m.2 views

CRLF Injection

Overview Affected versions of this package are vulnerable to CRLF Injection in the restore process via psql meta-commands inside a purpose-crafted object name. An attacker can execute arbitrary code by injecting meta commands into the file, which can be executed by an unknowing user during the...

8.8CVSS7.5AI score0.00412EPSS
Exploits0References2
snyk
snyk
added 2025/08/14 1:0 p.m.2 views

Inclusion of Functionality from Untrusted Control Sphere

Overview Affected versions of this package are vulnerable to Inclusion of Functionality from Untrusted Control Sphere when restoring from a plain-text dump file. An attacker can embed malicious psql meta-commands into dump files generated by pgdump --format=plain, pgdumpall, or pgrestore --file...

8.8CVSS7.7AI score0.00736EPSS
Exploits1References2
snyk
snyk
added 2025/08/14 1:0 p.m.2 views

CRLF Injection

Overview Affected versions of this package are vulnerable to CRLF Injection in the restore process via psql meta-commands inside a purpose-crafted object name. An attacker can execute arbitrary code by injecting meta commands into the file, which can be executed by an unknowing user during the...

8.8CVSS8AI score0.00412EPSS
Exploits0References2
alpinelinux
alpinelinux
added 2025/08/14 1:0 p.m.4 views

CVE-2025-8714

Untrusted data inclusion in pgdump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pgdumpall is also affected. pgrestore is affected...

8.8CVSS7.8AI score0.00736EPSS
Exploits1
Rows per page
Query Builder