K000160172: PostgreSQL vulnerability CVE-2025-8714

Security Advisory Description Untrusted data inclusion in pgdump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pgdumpall is also...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: postgresql-13 (UTSA-2026-005334)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005334 advisory. Improper neutralization of newlines in pgdump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client...

CLSA-2025-1764773940 postgresql: Fix of CVE-2025-8714

CVE-2025-8714: Restrict restore-time code execution...

TencentOS Server 3: postgresql:12 (TSSA-2025:0817)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0817 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

TencentOS Server 3: postgresql:13 (TSSA-2025:0780)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0780 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Medium: postgresql

Issue Overview: Untrusted data inclusion in pgdump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pgdumpall is also affected...

Unity Linux 20.1070e Security Update: libpq (UTSA-2025-987407)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987407 advisory. Untrusted data inclusion in pgdump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client...

Unity Linux 20.1070e Security Update: libpq (UTSA-2025-987404)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987404 advisory. Improper neutralization of newlines in pgdump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client...

EUVD-2025-24809

Malicious code in bioql PyPI...

EUVD-2025-24810

Malicious code in bioql PyPI...

OESA-2025-2239 postgresql security update

PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine a...

Important: postgresql17

Issue Overview: PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available ...

Amazon Linux 2023 : postgresql17, postgresql17-contrib, postgresql17-llvmjit (ALAS2023-2025-1158)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1158 advisory. PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy...

Important: postgresql15

Issue Overview: PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available ...

OESA-2025-2139 libpq security update

PostgreSQL is a powerful, open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. This package provides the essential shared library for any PostgreSQL client program or...

OESA-2025-2138 libpq security update

PostgreSQL is a powerful, open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. This package provides the essential shared library for any PostgreSQL client program or...

OESA-2025-2137 libpq security update

PostgreSQL is a powerful, open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. This package provides the essential shared library for any PostgreSQL client program or...

Important: postgresql

Issue Overview: PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available ...

Linux Distros Unpatched Vulnerability : CVE-2025-8714

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Untrusted data inclusion in pgdump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the...

TencentOS Server 4: postgresql (TSSA-2025:0698)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0698 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...