Medium severity5.9NVD Advisory· Published May 8, 2025· Updated Apr 15, 2026
CVE-2025-4207
CVE-2025-4207
Description
Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 14.18, and 13.21 are affected.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
107- Range: < 17.5, < 16.9, < 15.13, < 14.18, < 13.21
- osv-coords106 versionspkg:bitnami/postgresqlpkg:rpm/opensuse/postgresql13&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/postgresql13&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/postgresql14&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/postgresql14&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/postgresql15&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/postgresql15&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/postgresql16&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/postgresql16&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/postgresql17&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/postgresql17&distro=openSUSE%20Tumbleweedpkg:rpm/suse/postgresql13&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/postgresql13&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/postgresql13&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/postgresql13&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/postgresql13&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/postgresql13&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/postgresql13&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/postgresql13&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/postgresql13&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/postgresql13&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/postgresql14&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP6pkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP3pkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP4pkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5pkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6pkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7pkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/postgresql14&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/postgresql14&distro=SUSE%20Manager%20Server%204.3pkg:rpm/suse/postgresql15&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP6pkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP7pkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/postgresql15&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/postgresql15&distro=SUSE%20Manager%20Server%204.3pkg:rpm/suse/postgresql16&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP7pkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP4pkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5pkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6pkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7pkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP6pkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP7pkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/postgresql16&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/postgresql16&distro=SUSE%20Manager%20Server%204.3pkg:rpm/suse/postgresql17&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5pkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6pkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7pkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP6pkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP7pkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/postgresql17&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/postgresql17&distro=SUSE%20Manager%20Server%204.3
< 13.21.0+ 105 more
- (no CPE)range: < 13.21.0
- (no CPE)range: < 13.21-150600.14.8.1
- (no CPE)range: < 13.21-1.1
- (no CPE)range: < 14.18-150600.16.17.1
- (no CPE)range: < 14.18-1.1
- (no CPE)range: < 15.13-150600.16.17.1
- (no CPE)range: < 15.13-1.1
- (no CPE)range: < 16.9-150600.16.18.1
- (no CPE)range: < 16.9-1.1
- (no CPE)range: < 17.5-150600.13.13.1
- (no CPE)range: < 17.5-1.1
- (no CPE)range: < 13.21-150200.5.72.1
- (no CPE)range: < 13.21-150200.5.72.1
- (no CPE)range: < 13.21-150200.5.72.1
- (no CPE)range: < 13.21-150200.5.72.1
- (no CPE)range: < 13.21-3.63.1
- (no CPE)range: < 13.21-150200.5.72.1
- (no CPE)range: < 13.21-150200.5.72.1
- (no CPE)range: < 13.21-150200.5.72.1
- (no CPE)range: < 13.21-150200.5.72.1
- (no CPE)range: < 13.21-3.63.1
- (no CPE)range: < 14.18-150200.5.58.1
- (no CPE)range: < 14.18-150200.5.58.1
- (no CPE)range: < 14.18-150200.5.58.1
- (no CPE)range: < 14.18-150200.5.58.1
- (no CPE)range: < 14.18-150600.16.17.1
- (no CPE)range: < 14.18-150200.5.58.1
- (no CPE)range: < 14.18-150200.5.58.1
- (no CPE)range: < 14.18-150200.5.58.1
- (no CPE)range: < 14.18-150600.16.17.1
- (no CPE)range: < 14.18-150600.16.17.1
- (no CPE)range: < 14.18-3.57.1
- (no CPE)range: < 14.18-150200.5.58.1
- (no CPE)range: < 14.18-150200.5.58.1
- (no CPE)range: < 14.18-150200.5.58.1
- (no CPE)range: < 14.18-150200.5.58.1
- (no CPE)range: < 14.18-150200.5.58.1
- (no CPE)range: < 14.18-150200.5.58.1
- (no CPE)range: < 14.18-3.57.1
- (no CPE)range: < 14.18-150200.5.58.1
- (no CPE)range: < 14.18-150200.5.58.1
- (no CPE)range: < 15.13-150200.5.41.1
- (no CPE)range: < 15.13-150200.5.41.1
- (no CPE)range: < 15.13-150200.5.41.1
- (no CPE)range: < 15.13-150200.5.41.1
- (no CPE)range: < 15.13-150200.5.41.1
- (no CPE)range: < 15.13-150200.5.41.1
- (no CPE)range: < 15.13-150600.16.17.1
- (no CPE)range: < 15.13-150600.16.17.1
- (no CPE)range: < 15.13-3.41.1
- (no CPE)range: < 15.13-150200.5.41.1
- (no CPE)range: < 15.13-150200.5.41.1
- (no CPE)range: < 15.13-150200.5.41.1
- (no CPE)range: < 15.13-150200.5.41.1
- (no CPE)range: < 15.13-150200.5.41.1
- (no CPE)range: < 15.13-150200.5.41.1
- (no CPE)range: < 15.13-3.41.1
- (no CPE)range: < 15.13-150200.5.41.1
- (no CPE)range: < 15.13-150200.5.41.1
- (no CPE)range: < 16.9-150200.5.29.1
- (no CPE)range: < 16.9-150200.5.29.1
- (no CPE)range: < 16.9-150200.5.29.1
- (no CPE)range: < 16.9-150200.5.29.1
- (no CPE)range: < 16.9-150200.5.29.1
- (no CPE)range: < 16.9-150200.5.29.1
- (no CPE)range: < 16.9-150600.16.18.1
- (no CPE)range: < 16.9-150600.16.18.1
- (no CPE)range: < 16.9-150200.5.29.1
- (no CPE)range: < 16.9-150200.5.29.1
- (no CPE)range: < 16.9-150600.16.18.1
- (no CPE)range: < 16.9-150600.16.18.1
- (no CPE)range: < 16.9-150600.16.18.1
- (no CPE)range: < 16.9-150600.16.18.1
- (no CPE)range: < 16.9-3.29.1
- (no CPE)range: < 16.9-150200.5.29.1
- (no CPE)range: < 16.9-150200.5.29.1
- (no CPE)range: < 16.9-150200.5.29.1
- (no CPE)range: < 16.9-150200.5.29.1
- (no CPE)range: < 16.9-150200.5.29.1
- (no CPE)range: < 16.9-150200.5.29.1
- (no CPE)range: < 16.9-3.29.1
- (no CPE)range: < 16.9-150200.5.29.1
- (no CPE)range: < 16.9-150200.5.29.1
- (no CPE)range: < 17.5-150200.5.13.1
- (no CPE)range: < 17.5-150200.5.13.1
- (no CPE)range: < 17.5-150200.5.13.1
- (no CPE)range: < 17.5-150200.5.13.1
- (no CPE)range: < 17.5-150200.5.13.1
- (no CPE)range: < 17.5-150200.5.13.1
- (no CPE)range: < 17.5-150600.13.13.1
- (no CPE)range: < 17.5-150600.13.13.1
- (no CPE)range: < 17.5-150200.5.13.1
- (no CPE)range: < 17.5-150600.13.13.1
- (no CPE)range: < 17.5-150600.13.13.1
- (no CPE)range: < 17.5-150600.13.13.1
- (no CPE)range: < 17.5-150600.13.13.1
- (no CPE)range: < 17.5-3.13.1
- (no CPE)range: < 17.5-150200.5.13.1
- (no CPE)range: < 17.5-150200.5.13.1
- (no CPE)range: < 17.5-150200.5.13.1
- (no CPE)range: < 17.5-150200.5.13.1
- (no CPE)range: < 17.5-150200.5.13.1
- (no CPE)range: < 17.5-150200.5.13.1
- (no CPE)range: < 17.5-3.13.1
- (no CPE)range: < 17.5-150200.5.13.1
- (no CPE)range: < 17.5-150200.5.13.1
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.