CVE-2025-8715
BaseFortify

Publication date: 2025-08-14

Last updated on: 2025-08-15

Assigner: PostgreSQL

Description
Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks can achieve SQL injection as a superuser of the restore target server. pg_dumpall, pg_restore, and pg_upgrade are also affected. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected. Versions before 11.20 are unaffected. CVE-2012-0868 had fixed this class of problem, but version 11.20 reintroduced it.
Meta Information
Published: 2025-08-14
Last Modified: 2025-08-15
Generated: 2026-05-07
AI Q&A: 2025-08-14
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 8 associated CPEs
Vendor | Product | Version / Range
postgresql | postgresql | 13.22
postgresql | pg_dump | *
postgresql | postgresql | 16.10
postgresql | pg_restore | *
postgresql | pg_upgrade | *
postgresql | postgresql | 14.19
postgresql | postgresql | 17.6
postgresql | postgresql | 15.14
CWE ID Description
CWE-93 The product uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is an improper neutralization of newlines in PostgreSQL's pg_dump utility. A user of the origin server can create an object whose purpose-crafted name embeds psql meta-commands; when the dump is restored with psql, the injected code executes as the client operating system account running psql. The same attacks can achieve SQL injection as a superuser of the restore target server. pg_dumpall, pg_restore, and pg_upgrade are also affected.


How can this vulnerability impact me?

This vulnerability can lead to arbitrary code execution on the client machine during database restore operations, running as the operating system account that runs psql and potentially compromising that system. It can also result in SQL injection executed as a superuser of the restore target server, leading to unauthorized data access, data modification, or disruption of database availability.


What immediate steps should I take to mitigate this vulnerability?

Upgrade PostgreSQL to version 17.6, 16.10, 15.14, 14.19, or 13.22 or later; versions before these are affected. Until you have upgraded, avoid running pg_dump, pg_dumpall, pg_restore, and pg_upgrade from affected versions.

