High severity8.8NVD Advisory· Published Aug 14, 2025· Updated Apr 15, 2026
CVE-2025-8715
CVE-2025-8715
Description
Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks can achieve SQL injection as a superuser of the restore target server. pg_dumpall, pg_restore, and pg_upgrade are also affected. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected. Versions before 11.20 are unaffected. CVE-2012-0868 had fixed this class of problem, but version 11.20 reintroduced it.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
127- Range: >= 11.20, < 13.22, >= 13.22? actually versions before 17.6, 16.10, 15.14, 14.19, 13.22 are affected; those versions are 17.x < 17.6, 16.x < 16.10, 15.x < 15.14, 14.x < 14.19, 13.x < 13.22; also version 11.20 reintroduced
- osv-coords126 versionspkg:bitnami/postgresqlpkg:rpm/almalinux/pgauditpkg:rpm/almalinux/pg_repackpkg:rpm/almalinux/pgvectorpkg:rpm/almalinux/postgres-decoderbufspkg:rpm/almalinux/postgresqlpkg:rpm/almalinux/postgresql-contribpkg:rpm/almalinux/postgresql-docspkg:rpm/almalinux/postgresql-plperlpkg:rpm/almalinux/postgresql-plpython3pkg:rpm/almalinux/postgresql-pltclpkg:rpm/almalinux/postgresql-private-develpkg:rpm/almalinux/postgresql-private-libspkg:rpm/almalinux/postgresql-serverpkg:rpm/almalinux/postgresql-server-develpkg:rpm/almalinux/postgresql-staticpkg:rpm/almalinux/postgresql-testpkg:rpm/almalinux/postgresql-test-rpm-macrospkg:rpm/almalinux/postgresql-upgradepkg:rpm/almalinux/postgresql-upgrade-develpkg:rpm/opensuse/postgresql13&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/postgresql13&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/postgresql14&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/postgresql14&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/postgresql15&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/postgresql15&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/postgresql16&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/postgresql16&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/postgresql17&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/postgresql17&distro=openSUSE%20Tumbleweedpkg:rpm/suse/postgresql13&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/postgresql13&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/postgresql13&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/postgresql13&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/postgresql13&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/postgresql13&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/postgresql13&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/postgresql13&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/postgresql13&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/postgresql13&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/postgresql14&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP6pkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP7pkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP3pkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP4pkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5pkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6pkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7pkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/postgresql14&distro=SUSE%20Manager%20Proxy%20LTS%204.3pkg:rpm/suse/postgresql14&distro=SUSE%20Manager%20Server%20LTS%204.3pkg:rpm/suse/postgresql15&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP6pkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP7pkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP3pkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP4pkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/postgresql15&distro=SUSE%20Manager%20Proxy%20LTS%204.3pkg:rpm/suse/postgresql15&distro=SUSE%20Manager%20Server%20LTS%204.3pkg:rpm/suse/postgresql16&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP7pkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6pkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7pkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP6pkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP7pkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/postgresql16&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/postgresql16&distro=SUSE%20Manager%20Proxy%20LTS%204.3pkg:rpm/suse/postgresql16&distro=SUSE%20Manager%20Server%20LTS%204.3pkg:rpm/suse/postgresql17&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5pkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6pkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7pkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP6pkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP7pkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/postgresql17&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/postgresql17&distro=SUSE%20Manager%20Proxy%20LTS%204.3pkg:rpm/suse/postgresql17&distro=SUSE%20Manager%20Server%20LTS%204.3
>= 11.20.0, < 13.22.0+ 125 more
- (no CPE)range: >= 11.20.0, < 13.22.0
- (no CPE)range: < 16.0-1.module_el9.4.0+66+eb9878bc
- (no CPE)range: < 1.5.1-1.module_el9.6.0+146+c54fdeca
- (no CPE)range: < 0.6.2-2.module_el9.6.0+167+4e561146
- (no CPE)range: < 2.4.0-1.Final.module_el9.4.0+66+eb9878bc
- (no CPE)range: < 16.10-1.module_el9.6.0+174+80cb77f0
- (no CPE)range: < 16.10-1.module_el9.6.0+174+80cb77f0
- (no CPE)range: < 16.10-1.module_el9.6.0+174+80cb77f0
- (no CPE)range: < 16.10-1.module_el9.6.0+174+80cb77f0
- (no CPE)range: < 16.10-1.module_el9.6.0+174+80cb77f0
- (no CPE)range: < 16.10-1.module_el9.6.0+174+80cb77f0
- (no CPE)range: < 16.10-1.module_el9.6.0+174+80cb77f0
- (no CPE)range: < 16.10-1.module_el9.6.0+174+80cb77f0
- (no CPE)range: < 16.10-1.module_el9.6.0+174+80cb77f0
- (no CPE)range: < 16.10-1.module_el9.6.0+174+80cb77f0
- (no CPE)range: < 16.10-1.module_el9.6.0+174+80cb77f0
- (no CPE)range: < 16.10-1.module_el9.6.0+174+80cb77f0
- (no CPE)range: < 16.10-1.el10_0
- (no CPE)range: < 16.10-1.module_el9.6.0+174+80cb77f0
- (no CPE)range: < 16.10-1.module_el9.6.0+174+80cb77f0
- (no CPE)range: < 13.22-150600.14.11.1
- (no CPE)range: < 13.22-1.1
- (no CPE)range: < 14.19-150600.16.20.1
- (no CPE)range: < 14.19-1.1
- (no CPE)range: < 15.14-150600.16.20.1
- (no CPE)range: < 15.14-1.1
- (no CPE)range: < 16.10-150600.16.21.1
- (no CPE)range: < 16.10-1.1
- (no CPE)range: < 17.6-150600.13.16.1
- (no CPE)range: < 17.6-1.1
- (no CPE)range: < 13.22-150200.5.75.2
- (no CPE)range: < 13.22-150200.5.75.2
- (no CPE)range: < 13.22-150200.5.75.2
- (no CPE)range: < 13.22-150200.5.75.2
- (no CPE)range: < 13.22-3.66.1
- (no CPE)range: < 13.22-150200.5.75.2
- (no CPE)range: < 13.22-150200.5.75.2
- (no CPE)range: < 13.22-150200.5.75.2
- (no CPE)range: < 13.22-150200.5.75.2
- (no CPE)range: < 13.22-3.66.1
- (no CPE)range: < 14.19-150200.5.61.1
- (no CPE)range: < 14.19-150200.5.61.1
- (no CPE)range: < 14.19-150200.5.61.1
- (no CPE)range: < 14.19-150200.5.61.1
- (no CPE)range: < 14.19-150600.16.20.1
- (no CPE)range: < 14.19-150600.16.20.1
- (no CPE)range: < 14.19-150200.5.61.1
- (no CPE)range: < 14.19-150200.5.61.1
- (no CPE)range: < 14.19-150200.5.61.1
- (no CPE)range: < 14.19-150600.16.20.1
- (no CPE)range: < 14.19-150600.16.20.1
- (no CPE)range: < 14.19-3.60.1
- (no CPE)range: < 14.19-150200.5.61.1
- (no CPE)range: < 14.19-150200.5.61.1
- (no CPE)range: < 14.19-150200.5.61.1
- (no CPE)range: < 14.19-150200.5.61.1
- (no CPE)range: < 14.19-150200.5.61.1
- (no CPE)range: < 14.19-150200.5.61.1
- (no CPE)range: < 14.19-3.60.1
- (no CPE)range: < 14.19-150200.5.61.1
- (no CPE)range: < 14.19-150200.5.61.1
- (no CPE)range: < 15.14-150200.5.44.1
- (no CPE)range: < 15.14-150200.5.44.1
- (no CPE)range: < 15.14-150200.5.44.1
- (no CPE)range: < 15.14-150200.5.44.1
- (no CPE)range: < 15.14-150200.5.44.1
- (no CPE)range: < 15.14-150200.5.44.1
- (no CPE)range: < 15.14-150600.16.20.1
- (no CPE)range: < 15.14-150600.16.20.1
- (no CPE)range: < 15.14-150200.5.44.1
- (no CPE)range: < 15.14-150200.5.44.1
- (no CPE)range: < 15.14-3.44.1
- (no CPE)range: < 15.14-150200.5.44.1
- (no CPE)range: < 15.14-150200.5.44.1
- (no CPE)range: < 15.14-150200.5.44.1
- (no CPE)range: < 15.14-150200.5.44.1
- (no CPE)range: < 15.14-150200.5.44.1
- (no CPE)range: < 15.14-150200.5.44.1
- (no CPE)range: < 15.14-3.44.1
- (no CPE)range: < 15.14-150200.5.44.1
- (no CPE)range: < 15.14-150200.5.44.1
- (no CPE)range: < 16.10-150200.5.32.1
- (no CPE)range: < 16.10-150200.5.32.1
- (no CPE)range: < 16.10-150200.5.32.1
- (no CPE)range: < 16.10-150200.5.32.1
- (no CPE)range: < 16.10-150200.5.32.1
- (no CPE)range: < 16.10-150200.5.32.1
- (no CPE)range: < 16.10-150600.16.21.1
- (no CPE)range: < 16.10-150600.16.21.1
- (no CPE)range: < 16.10-150600.16.21.1
- (no CPE)range: < 16.10-150600.16.21.1
- (no CPE)range: < 16.10-150600.16.21.1
- (no CPE)range: < 16.10-150600.16.21.1
- (no CPE)range: < 16.10-3.32.1
- (no CPE)range: < 16.10-150200.5.32.1
- (no CPE)range: < 16.10-150200.5.32.1
- (no CPE)range: < 16.10-150200.5.32.1
- (no CPE)range: < 16.10-150200.5.32.1
- (no CPE)range: < 16.10-150200.5.32.1
- (no CPE)range: < 16.10-150200.5.32.1
- (no CPE)range: < 16.10-3.32.1
- (no CPE)range: < 16.10-150200.5.32.1
- (no CPE)range: < 16.10-150200.5.32.1
- (no CPE)range: < 17.6-150200.5.16.1
- (no CPE)range: < 17.6-150200.5.16.1
- (no CPE)range: < 17.6-150200.5.16.1
- (no CPE)range: < 17.6-150200.5.16.1
- (no CPE)range: < 17.6-150200.5.16.1
- (no CPE)range: < 17.6-150200.5.16.1
- (no CPE)range: < 17.6-150600.13.16.1
- (no CPE)range: < 17.6-150600.13.16.1
- (no CPE)range: < 17.6-150200.5.16.1
- (no CPE)range: < 17.6-150600.13.16.1
- (no CPE)range: < 17.6-150600.13.16.1
- (no CPE)range: < 17.6-150600.13.16.1
- (no CPE)range: < 17.6-150600.13.16.1
- (no CPE)range: < 17.6-3.16.1
- (no CPE)range: < 17.6-150200.5.16.1
- (no CPE)range: < 17.6-150200.5.16.1
- (no CPE)range: < 17.6-150200.5.16.1
- (no CPE)range: < 17.6-150200.5.16.1
- (no CPE)range: < 17.6-150200.5.16.1
- (no CPE)range: < 17.6-150200.5.16.1
- (no CPE)range: < 17.6-3.16.1
- (no CPE)range: < 17.6-150200.5.16.1
- (no CPE)range: < 17.6-150200.5.16.1
Patches
Vulnerability mechanics
References
1News mentions
1- GitLab Patch Release: 18.4.1, 18.3.3, 18.2.7GitLab Security Releases · Sep 25, 2025