rpm package
suse/postgresql17&distro=SUSE Manager Proxy LTS 4.3
pkg:rpm/suse/postgresql17&distro=SUSE%20Manager%20Proxy%20LTS%204.3
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-8715 | Hig | 8.8 | < 17.6-150200.5.16.1 | 17.6-150200.5.16.1 | Aug 14, 2025 | Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name | |
| CVE-2025-8714 | Hig | 8.8 | < 17.6-150200.5.16.1 | 17.6-150200.5.16.1 | Aug 14, 2025 | Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. | |
| CVE-2025-8713 | Low | 3.1 | < 17.6-150200.5.16.1 | 17.6-150200.5.16.1 | Aug 14, 2025 | PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data availab |
- affected < 17.6-150200.5.16.1fixed 17.6-150200.5.16.1
Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name
- affected < 17.6-150200.5.16.1fixed 17.6-150200.5.16.1
Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected.
- affected < 17.6-150200.5.16.1fixed 17.6-150200.5.16.1
PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data availab