CVE-2025-8713

Source
https://nvd.nist.gov/vuln/detail/CVE-2025-8713
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-8713.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-8713
Aliases
Downstream
Published
2025-08-14T13:15:37Z
Modified
2025-08-20T16:01:44.350167Z
Summary
[none]
Details

PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this data is consulted during the query planning process. Prior to this release, a user could craft a leaky operator that bypassed view access control lists (ACLs) and bypassed row security policies in partitioning or table inheritance hierarchies. Reachable statistics data notably included histograms and most-common-values lists. CVE-2017-7484 and CVE-2019-10130 intended to close this class of vulnerability, but this gap remained. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected.

References

Affected packages

Alpine:v3.19 / postgresql15

Package

Name
postgresql15
Purl
pkg:apk/alpine/postgresql15?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.14-r0

Affected versions

15.*

15.1-r0
15.1-r1
15.2-r0
15.2-r1
15.2-r2
15.2-r3
15.2-r4
15.3-r0
15.3-r1
15.4-r0
15.4-r1
15.4-r2
15.5-r0
15.6-r0
15.7-r0
15.8-r0
15.9-r0
15.10-r0
15.11-r0
15.13-r0

Alpine:v3.19 / postgresql16

Package

Name
postgresql16
Purl
pkg:apk/alpine/postgresql16?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
16.10-r0

Affected versions

16.*

16.0-r0
16.0-r1
16.0-r2
16.1-r0
16.2-r0
16.2-r1
16.3-r0
16.4-r0
16.5-r0
16.6-r0
16.8-r0
16.9-r0

Alpine:v3.20 / postgresql15

Package

Name
postgresql15
Purl
pkg:apk/alpine/postgresql15?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.14-r0

Affected versions

15.*

15.1-r0
15.1-r1
15.2-r0
15.2-r1
15.2-r2
15.2-r3
15.2-r4
15.3-r0
15.3-r1
15.4-r0
15.4-r1
15.4-r2
15.5-r0
15.6-r0
15.6-r1
15.6-r2
15.7-r0
15.8-r0
15.9-r0
15.10-r0
15.11-r0
15.13-r0

Alpine:v3.20 / postgresql16

Package

Name
postgresql16
Purl
pkg:apk/alpine/postgresql16?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
16.10-r0

Affected versions

16.*

16.0-r0
16.0-r1
16.0-r2
16.1-r0
16.2-r0
16.2-r1
16.2-r2
16.2-r3
16.2-r4
16.3-r0
16.4-r0
16.5-r0
16.6-r0
16.8-r0
16.9-r0

Alpine:v3.21 / postgresql16

Package

Name
postgresql16
Purl
pkg:apk/alpine/postgresql16?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
16.10-r0

Affected versions

16.*

16.0-r0
16.0-r1
16.0-r2
16.1-r0
16.2-r0
16.2-r1
16.2-r2
16.2-r3
16.2-r4
16.3-r0
16.3-r1
16.4-r0
16.4-r1
16.5-r0
16.6-r0
16.8-r0
16.9-r0

Alpine:v3.21 / postgresql17

Package

Name
postgresql17
Purl
pkg:apk/alpine/postgresql17?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
17.6-r0

Affected versions

17.*

17.0-r0
17.0-r1
17.1-r0
17.2-r0
17.4-r0
17.5-r0

Alpine:v3.22 / postgresql16

Package

Name
postgresql16
Purl
pkg:apk/alpine/postgresql16?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
16.10-r0

Affected versions

16.*

16.0-r0
16.0-r1
16.0-r2
16.1-r0
16.2-r0
16.2-r1
16.2-r2
16.2-r3
16.2-r4
16.3-r0
16.3-r1
16.4-r0
16.4-r1
16.5-r0
16.6-r0
16.8-r0
16.8-r1
16.8-r2
16.8-r3
16.8-r4
16.9-r0

Alpine:v3.22 / postgresql17

Package

Name
postgresql17
Purl
pkg:apk/alpine/postgresql17?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
17.6-r0

Affected versions

17.*

17.0-r0
17.0-r1
17.1-r0
17.2-r0
17.4-r0
17.4-r1
17.4-r2
17.4-r3
17.4-r4
17.5-r0

Debian:11 / postgresql-13

Package

Name
postgresql-13
Purl
pkg:deb/debian/postgresql-13?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
13.22-0+deb11u1

Affected versions

13.*

13.3-1
13.4-0+deb11u1
13.4-1
13.4-2
13.4-3
13.5-0+deb11u1
13.7-0+deb11u1
13.8-0+deb11u1
13.9-0+deb11u1
13.10-0+deb11u1
13.11-0+deb11u1
13.12-0+deb11u1
13.13-0+deb11u1
13.14-0+deb11u1
13.15-0+deb11u1
13.16-0+deb11u1
13.17-0+deb11u1
13.18-0+deb11u1
13.19-0+deb11u1
13.20-0+deb11u1
13.21-0+deb11u1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / postgresql-15

Package

Name
postgresql-15
Purl
pkg:deb/debian/postgresql-15?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

15.*

15.3-0+deb12u1
15.3-1
15.4-0+deb12u1
15.4-1
15.4-2
15.4-3
15.5-0+deb12u1
15.6-0+deb12u1
15.7-0+deb12u1
15.8-0+deb12u1
15.9-0+deb12u1
15.10-0+deb12u1
15.11-0+deb12u1
15.12-0+deb12u1
15.12-0+deb12u2
15.13-0+deb12u1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / postgresql-17

Package

Name
postgresql-17
Purl
pkg:deb/debian/postgresql-17?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

17.*

17.5-1
17.6-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:14 / postgresql-17

Package

Name
postgresql-17
Purl
pkg:deb/debian/postgresql-17?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

17.*

17.5-1
17.6-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}