5.9
CVE-2025-4207
- EPSS 0.06%
- Published 08.05.2025 14:22:45
- Last modified 12.05.2025 17:32:52
- Source f86ef6dc-4d3a-42ad-8f28-e6d554
- Teams watchlist Login
- Open Login
Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 14.18, and 13.21 are affected.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
Vendorn/a
≫
Product
PostgreSQL
Default Statusunaffected
Version <
17.5
Version
17
Status
affected
Version <
16.9
Version
16
Status
affected
Version <
15.13
Version
15
Status
affected
Version <
14.18
Version
14
Status
affected
Version <
13.21
Version
0
Status
affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.173 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| f86ef6dc-4d3a-42ad-8f28-e6d5547a5007 | 5.9 | 2.2 | 3.6 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-126 Buffer Over-read
The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.