rpm package
suse/postgresql15&distro=SUSE Linux Enterprise Module for Package Hub 15 SP3
pkg:rpm/suse/postgresql15&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP3
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-8715 | Hig | 8.8 | < 15.14-150200.5.44.1 | 15.14-150200.5.44.1 | Aug 14, 2025 | Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name | |
| CVE-2025-8714 | Hig | 8.8 | < 15.14-150200.5.44.1 | 15.14-150200.5.44.1 | Aug 14, 2025 | Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. | |
| CVE-2025-8713 | Low | 3.1 | < 15.14-150200.5.44.1 | 15.14-150200.5.44.1 | Aug 14, 2025 | PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data availab |
- affected < 15.14-150200.5.44.1fixed 15.14-150200.5.44.1
Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name
- affected < 15.14-150200.5.44.1fixed 15.14-150200.5.44.1
Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected.
- affected < 15.14-150200.5.44.1fixed 15.14-150200.5.44.1
PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data availab