CVE-2025-4207

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-4207

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-4207.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-4207

Aliases

BIT-postgresql-2025-4207

Downstream

ALPINE-CVE-2025-4207

BELL-CVE-2025-4207

DEBIAN-CVE-2025-4207

DLA-4159-1

ECHO-c79e-efec-fddc

MINI-25hv-9w8p-jmm4

MINI-hvqf-q89v-frg3

MINI-p848-mh93-mjvc

MINI-rfph-rqg7-44c9

MINI-w5vq-phh9-vj94

OESA-2025-1508

OESA-2025-1565

OESA-2025-1566

OESA-2025-1567

OESA-2025-1568

OESA-2025-1697

OESA-2025-1698

OESA-2025-1699

OESA-2025-1700

RHSA-2025:14826

RHSA-2025:14827

RHSA-2025:14862

RHSA-2025:14899

RHSA-2025:15021

RHSA-2025:15022

SUSE-SU-2025:01644-1

SUSE-SU-2025:01644-2

SUSE-SU-2025:01661-1

SUSE-SU-2025:01661-2

SUSE-SU-2025:01748-1

SUSE-SU-2025:01748-2

SUSE-SU-2025:01749-1

SUSE-SU-2025:01750-1

SUSE-SU-2025:01765-1

SUSE-SU-2025:01766-1

SUSE-SU-2025:01767-1

SUSE-SU-2025:01782-1

SUSE-SU-2025:01783-1

SUSE-SU-2025:01783-2

SUSE-SU-2025:01785-1

SUSE-SU-2025:01786-1

UBUNTU-CVE-2025-4207

USN-7520-1

USN-7520-2

openSUSE-SU-2025:15137-1

openSUSE-SU-2025:15138-1

openSUSE-SU-2025:15139-1

openSUSE-SU-2025:15140-1

Related

Published

2025-05-08T15:15:48Z

Modified

2025-08-09T19:01:26Z

Summary

[none]

Details

Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 14.18, and 13.21 are affected.

References

Affected packages