Количество 51
Количество 51
CVE-2025-8714
Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected when used to generate a plain-format dump. This is similar to MySQL CVE-2024-21096. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected.
CVE-2025-8714
Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected when used to generate a plain-format dump. This is similar to MySQL CVE-2024-21096. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected.
CVE-2025-8714
Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected when used to generate a plain-format dump. This is similar to MySQL CVE-2024-21096. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected.
CVE-2025-8714
PostgreSQL pg_dump lets superuser of origin server execute arbitrary code in psql client
CVE-2025-8714
Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious s ...
GHSA-6m5q-cc57-2mj6
Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected when used to generate a plain-format dump. This is similar to MySQL CVE-2024-21096. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected.
ELSA-2025-28019
ELSA-2025-28019: postgresql security update (IMPORTANT)
ELSA-2025-16099
ELSA-2025-16099: postgresql security update (IMPORTANT)
BDU:2025-09829
Уязвимость утилиты pg_dump системы управления базами данных PostgreSQL, позволяющая нарушителю выполнить произвольный код
RLSA-2025:15115
Important: postgresql:12 security update
RLSA-2025:15022
Important: postgresql:15 security update
RLSA-2025:15021
Important: postgresql:13 security update
RLSA-2025:14899
Important: postgresql:16 security update
RLSA-2025:14878
Important: postgresql security update
RLSA-2025:14862
Important: postgresql:15 security update
RLSA-2025:14827
Important: postgresql:16 security update
RLSA-2025:14826
Important: postgresql16 security update
ELSA-2025-15115
ELSA-2025-15115: postgresql:12 security update (IMPORTANT)
ELSA-2025-15022
ELSA-2025-15022: postgresql:15 security update (IMPORTANT)
ELSA-2025-15021
ELSA-2025-15021: postgresql:13 security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-8714 Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected when used to generate a plain-format dump. This is similar to MySQL CVE-2024-21096. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected. | CVSS3: 8.8 | 0% Низкий | 5 месяцев назад |
 | CVE-2025-8714 Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected when used to generate a plain-format dump. This is similar to MySQL CVE-2024-21096. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected. | CVSS3: 8.8 | 0% Низкий | 5 месяцев назад |
 | CVE-2025-8714 Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected when used to generate a plain-format dump. This is similar to MySQL CVE-2024-21096. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected. | CVSS3: 8.8 | 0% Низкий | 5 месяцев назад |
 | CVE-2025-8714 PostgreSQL pg_dump lets superuser of origin server execute arbitrary code in psql client | CVSS3: 8.8 | 0% Низкий | 4 месяца назад |
| CVE-2025-8714 Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious s ... | CVSS3: 8.8 | 0% Низкий | 5 месяцев назад |
| GHSA-6m5q-cc57-2mj6 Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected when used to generate a plain-format dump. This is similar to MySQL CVE-2024-21096. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected. | CVSS3: 8.8 | 0% Низкий | 5 месяцев назад |
| ELSA-2025-28019 ELSA-2025-28019: postgresql security update (IMPORTANT) | около 2 месяцев назад | ||
| ELSA-2025-16099 ELSA-2025-16099: postgresql security update (IMPORTANT) | около 2 месяцев назад | ||
 | BDU:2025-09829 Уязвимость утилиты pg_dump системы управления базами данных PostgreSQL, позволяющая нарушителю выполнить произвольный код | CVSS3: 8.8 | 0% Низкий | 5 месяцев назад |
 | RLSA-2025:15115 Important: postgresql:12 security update | 4 месяца назад | ||
| RLSA-2025:15022 Important: postgresql:15 security update | 4 месяца назад | ||
| RLSA-2025:15021 Important: postgresql:13 security update | 4 месяца назад | ||
| RLSA-2025:14899 Important: postgresql:16 security update | 4 месяца назад | ||
| RLSA-2025:14878 Important: postgresql security update | 3 месяца назад | ||
| RLSA-2025:14862 Important: postgresql:15 security update | 4 месяца назад | ||
| RLSA-2025:14827 Important: postgresql:16 security update | 4 месяца назад | ||
| RLSA-2025:14826 Important: postgresql16 security update | 3 месяца назад | ||
| ELSA-2025-15115 ELSA-2025-15115: postgresql:12 security update (IMPORTANT) | 4 месяца назад | ||
| ELSA-2025-15022 ELSA-2025-15022: postgresql:15 security update (IMPORTANT) | 5 месяцев назад | ||
| ELSA-2025-15021 ELSA-2025-15021: postgresql:13 security update (IMPORTANT) | 5 месяцев назад |
Уязвимостей на страницу