CVE-2025-55283

Critical CVSS: 9.1

aiven-db-migrate is an Aiven database migration tool. Prior to 1.0.7, there is a privilege escalation vulnerability that allows elevation to superuser inside PostgreSQL databases during a migration from an untrusted source server. The vulnerability stems from psql executing commands embedded in a dump from the source server. This vulnerability is fixed in 1.0.7.

Vendor

Aiven

Product

Aiven-db-migrate

CWE

CWE-77

Yayın Tarihi

2025-08-18 17:15:30

Güncelleme

2025-08-21 21:38:40

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-77 Aiven-db-migrate CRITICAL Aiven 2025

Referanslar

https://github.com/aiven/aiven-db-migrate/commit/36f6c7f7d06216975f625da0a1cb514253c4b3df https://github.com/aiven/aiven-db-migrate/security/advisories/GHSA-wqhc-grmj-fjvg

Benzer Kayıtlar

Medium

CVE-2026-29190

Karapace is an open-source implementation of Kafka REST and Schema Registry. Prior to version 6.0.0, there is a Path Tra…

High

CVE-2026-25999

Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to 2.10.2, there is an improper acces…

High

CVE-2025-67745

MyHoard is a daemon for creating, managing and restoring MySQL backups. Starting in version 1.0.1 and prior to version 1…

Critical

CVE-2025-55282

aiven-db-migrate is an Aiven database migration tool. Prior to 1.0.7, there is a privilege escalation vulnerability that…