AZL-74900

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-74900.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-74900

Upstream

CVE-2025-12818

Published

2025-11-13T13:15:45Z

Modified

2026-04-21T04:38:48.691516Z

Summary

CVE-2025-12818 affecting package rust 1.90.0-3

Details

Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundreds of megabytes. This results in a segmentation fault for the application using libpq. Versions before PostgreSQL 18.1, 17.7, 16.11, 15.15, 14.20, and 13.23 are affected.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-12818

Affected packages

Azure Linux:3 / rust

Package

Name: rust
Purl: pkg:rpm/azure-linux/rust

Affected ranges

Type: ECOSYSTEM
Events: Introduced

1.85.0

Last affected

1.90.0-3

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-74900.json"