CVE-2025-12818

EUVD-2025-169291
Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundreds of megabytes.  This results in a segmentation fault for the application using libpq.  Versions before PostgreSQL 18.1, 17.7, 16.11, 15.15, 14.20, and 13.23 are affected.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
PostgreSQLCNA
5.9 MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 22%
Debian logo
Debian Releases
Debian Product
Codename
postgresql-13
bullseye
vulnerable
bullseye (security)
13.23-0+deb11u1
fixed
postgresql-15
bookworm
15.15-0+deb12u1
fixed
bookworm (security)
15.16-0+deb12u1
fixed
postgresql-17
trixie
17.7-0+deb13u1
fixed
trixie (security)
17.8-0+deb13u1
fixed
postgresql-18
forky
18.2-1
fixed
sid
18.2-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
postgresql-18
jammy
dne
noble
dne
plucky
dne
questing
dne
postgresql-17
jammy
dne
noble
dne
plucky
Fixed 17.7-0ubuntu0.25.04.1
released
questing
Fixed 17.7-0ubuntu0.25.10.1
released
postgresql-16
jammy
dne
noble
Fixed 16.11-0ubuntu0.24.04.1
released
plucky
dne
questing
dne
postgresql-14
jammy
Fixed 14.20-0ubuntu0.22.04.1
released
noble
dne
plucky
dne
questing
dne
postgresql-12
focal
needs-triage
jammy
dne
noble
dne
plucky
dne
questing
dne
postgresql-10
bionic
needs-triage
jammy
dne
noble
dne
plucky
dne
questing
dne
postgresql-9.5
jammy
dne
noble
dne
plucky
dne
questing
dne
xenial
needs-triage
postgresql-9.3
jammy
dne
noble
dne
plucky
dne
questing
dne
trusty
deferred
Common Weakness Enumeration
References
https://www.postgresql.org/support/security/CVE-2025-12818/