Multiple vulnerabilities in PostgreSQL

Описание

Multiple vulnerabilities were found in PostgreSQL. Malicious users can exploit these vulnerabilities to cause denial of service.

Below is a complete list of vulnerabilities:

1. Missing authorization vulnerability in PostgreSQL CREATE STATISTICS command can be exploited to cause denial of service.
2. Integer wraparound vulnerability in multiple PostgreSQL libpq client library can be exploited to cause denial of service.

Первичный источник обнаружения

• PostgreSQL CREATE STATISTICS does not check for schema CREATE privilege
  PostgreSQL libpq undersizes allocations, via integer wraparound
  

Связанные продукты

• PostgreSQL

Список CVE

• CVE-2025-12817
  warning
• CVE-2025-12818
  high

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com