CVE-2025-31480 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

aiven-extras is a PostgreSQL extension. This is a privilege escalation vulnerability, allowing elevation to superuser inside PostgreSQL databases that use the a…
Critical CVSS: 9.1

CVE-2025-31480

aiven-extras is a PostgreSQL extension. This is a privilege escalation vulnerability, allowing elevation to superuser inside PostgreSQL databases that use the aiven-extras package. The vulnerability leverages the format function not being schema-prefixed. Affected users should install 1.1.16 and ensure they run the latest version issuing ALTER EXTENSION aiven_extras UPDATE TO '1.1.16' after installing it. This needs to happen in each database aiven_extras has been installed in.
Vendor
-
Product
-
CWE
CWE-426
Yayın Tarihi
2025-04-04 15:15:48
Güncelleme
2025-04-07 14:18:15
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-426 CRITICAL 2025

Referanslar

https://github.com/aiven/aiven-extras/commit/77b5f19a0c1d196bc741ff5c774f85fe7ca3063b https://github.com/aiven/aiven-extras/security/advisories/GHSA-33xh-jqgf-6627