postgresql14 (SUSE:Linux Enterprise Module for Package Hub 15 SP3) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Package Hub 15 SP3 package postgresql14, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (8)
CVE-2025-8714 — CVSS 8.8 (high): Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for…
CVE-2025-8715 — CVSS 8.8 (high): Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time…
CVE-2022-1552 — CVSS 8.8 (high): A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another…
CVE-2021-23214 — CVSS 8.1 (high): When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle…
CVE-2022-2625 — CVSS 8.0 (high): A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the…
CVE-2025-4207 — CVSS 5.9 (medium): Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on…
CVE-2021-23222 — CVSS 5.9 (medium): A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification…
CVE-2025-8713 — CVSS 3.1 (low): PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a…