{"id":"BIT-postgresql-2025-8715","summary":"PostgreSQL pg_dump newline in object name executes arbitrary code in psql client and in restore target server","details":"Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name.  The same attacks can achieve SQL injection as a superuser of the restore target server.  pg_dumpall, pg_restore, and pg_upgrade are also affected.  Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected.  Versions before 11.20 are unaffected.  CVE-2012-0868 had fixed this class of problem, but version 11.20 reintroduced it.","aliases":["CVE-2025-8715"],"modified":"2025-08-18T09:12:22.862437Z","published":"2025-08-18T08:11:30.288Z","database_specific":{"severity":"High","cpes":["cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*"]},"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-8715"},{"type":"WEB","url":"https://www.postgresql.org/support/security/CVE-2025-8715/"}],"affected":[{"package":{"name":"postgresql","ecosystem":"Bitnami","purl":"pkg:bitnami/postgresql"},"ranges":[{"type":"SEMVER","events":[{"introduced":"11.20.0"},{"fixed":"13.22.0"},{"introduced":"14.0.0"},{"fixed":"14.19.0"},{"introduced":"15.0.0"},{"fixed":"15.14.0"},{"introduced":"16.0.0"},{"fixed":"16.10.0"},{"introduced":"17.0.0"},{"fixed":"17.6.0"}]}],"database_specific":{"source":"https://github.com/bitnami/vulndb/tree/main/data/postgresql/BIT-postgresql-2025-8715.json"},"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}],"schema_version":"1.7.3"}