CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-31480 – aiven-extras allows PostgreSQL Privilege Escalation through format function
https://notcve.org/view.php?id=CVE-2025-31480
04 Apr 2025 — aiven-extras is a PostgreSQL extension. This is a privilege escalation vulnerability, allowing elevation to superuser inside PostgreSQL databases that use the aiven-extras package. The vulnerability leverages the format function not being schema-prefixed. Affected users should install 1.1.16 and ensure they run the latest version issuing ALTER EXTENSION aiven_extras UPDATE TO '1.1.16' after installing it. This needs to happen in each database aiven_extras has been installed in. • https://github.com/aiven/aiven-extras/commit/77b5f19a0c1d196bc741ff5c774f85fe7ca3063b • CWE-426: Untrusted Search Path •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56142 – Path Traversal in pghoard
https://notcve.org/view.php?id=CVE-2024-56142
17 Dec 2024 — pghoard is a PostgreSQL backup daemon and restore tooling that stores backup data in cloud object stores. A vulnerability has been discovered that could allow an attacker to acquire disk access with privileges equivalent to those of pghoard, allowing for unintended path traversal. Depending on the permissions/privileges assigned to pghoard, this could allow disclosure of sensitive information. This issue has been addressed in releases after 2.2.2a. Users are advised to upgrade. • https://github.com/Aiven-Open/pghoard/security/advisories/GHSA-m9hc-vxjj-4x6q • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51390 – Information Disclosure Vulnerability in Journalpump
https://notcve.org/view.php?id=CVE-2023-51390
20 Dec 2023 — journalpump is a daemon that takes log messages from journald and pumps them to a given output. A logging vulnerability was found in journalpump which logs out the configuration of a service integration in plaintext to the supplied logging pipeline, including credential information contained in the configuration if any. The problem has been patched in journalpump 2.5.0. journalpump es un daemon que toma mensajes de registro de journald y los envía a una salida determinada. Se encontró una vulnerabilidad de ... • https://github.com/Aiven-Open/journalpump/commit/390e69bc909ba16ad5f7b577010b4afc303361da • CWE-215: Insertion of Sensitive Information Into Debugging Code CWE-284: Improper Access Control CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 9.0EPSS: 1%CPEs: 6EXPL: 0CVE-2023-32305 – aiven-extras PostgreSQL Privilege Escalation Through Overloaded Search Path
https://notcve.org/view.php?id=CVE-2023-32305
12 May 2023 — aiven-extras is a PostgreSQL extension. Versions prior to 1.1.9 contain a privilege escalation vulnerability, allowing elevation to superuser inside PostgreSQL databases that use the aiven-extras package. The vulnerability leverages missing schema qualifiers on privileged functions called by the aiven-extras extension. A low privileged user can create objects that collide with existing function names, which will then be executed instead. Exploiting this vulnerability could allow a low privileged user to acq... • https://github.com/aiven/aiven-extras/commit/8682ae01bec0791708bf25791786d776e2fb0250 • CWE-20: Improper Input Validation CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •