rpm package
suse/postgresql13-pgvector&distro=SUSE Linux Enterprise Server for SAP applications 16.0
pkg:rpm/suse/postgresql13-pgvector&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-3172 | Hig | 8.1 | < 0.8.2-160000.1.1 | 0.8.2-160000.1.1 | Feb 25, 2026 | Buffer overflow in parallel HNSW index build in pgvector 0.6.0 through 0.8.1 allows a database user to leak sensitive data from other relations or crash the database server. | |
| CVE-2025-12818 | Med | 5.9 | < 0.8.1-160000.1.1 | 0.8.1-160000.1.1 | Nov 13, 2025 | Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundreds of megabytes. This results in a segmentation fault for the application usin | |
| CVE-2025-12817 | Low | 3.1 | < 0.8.1-160000.1.1 | 0.8.1-160000.1.1 | Nov 13, 2025 | Missing authorization in PostgreSQL CREATE STATISTICS command allows a table owner to achieve denial of service against other CREATE STATISTICS users by creating in any schema. A later CREATE STATISTICS for the same name, from a user having the CREATE privilege, would then fail. |
- affected < 0.8.2-160000.1.1fixed 0.8.2-160000.1.1
Buffer overflow in parallel HNSW index build in pgvector 0.6.0 through 0.8.1 allows a database user to leak sensitive data from other relations or crash the database server.
- affected < 0.8.1-160000.1.1fixed 0.8.1-160000.1.1
Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundreds of megabytes. This results in a segmentation fault for the application usin
- affected < 0.8.1-160000.1.1fixed 0.8.1-160000.1.1
Missing authorization in PostgreSQL CREATE STATISTICS command allows a table owner to achieve denial of service against other CREATE STATISTICS users by creating in any schema. A later CREATE STATISTICS for the same name, from a user having the CREATE privilege, would then fail.