VYPR

rpm package

suse/postgresql17&distro=SUSE Manager Proxy LTS 4.3

pkg:rpm/suse/postgresql17&distro=SUSE%20Manager%20Proxy%20LTS%204.3

Vulnerabilities (3)

  • CVE-2025-8715HigAug 14, 2025
    affected < 17.6-150200.5.16.1fixed 17.6-150200.5.16.1

    Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name

  • CVE-2025-8714HigAug 14, 2025
    affected < 17.6-150200.5.16.1fixed 17.6-150200.5.16.1

    Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected.

  • CVE-2025-8713LowAug 14, 2025
    affected < 17.6-150200.5.16.1fixed 17.6-150200.5.16.1

    PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data availab