Red Hat Security Advisory: postgresql security update
Multiple security vulnerabilities in PostgreSQL related to code execution during restore operations have been identified and addressed in Red Hat Enterprise Linux 9.4 Extended Update Support. These include CVE-2025-8713, CVE-2025-8714, and CVE-2025-8715. The vulnerabilities allow arbitrary code execution during database restore processes. Red Hat has released security updates to fix these issues in PostgreSQL packages for various architectures and Red Hat Enterprise Linux variants.
AI Analysis
Technical Summary
This advisory addresses three related vulnerabilities in PostgreSQL, specifically CVE-2025-8713, CVE-2025-8714, and CVE-2025-8715, which involve the execution of arbitrary code during restore operations. The vulnerabilities are rated as important by Red Hat Product Security. The update fixes these issues in PostgreSQL version 13.22-1.el9_4 for Red Hat Enterprise Linux 9.4 Extended Update Support and related variants. The advisory references bugzilla entries BZ-2388551 and BZ-2388553 for the fixes of CVE-2025-8715 and CVE-2025-8714 respectively. No CVSS scores are provided in the advisory, but the severity is considered high.
Potential Impact
Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code during the PostgreSQL restore operation, potentially compromising the database server. This could lead to unauthorized access or control over the affected system. The vulnerabilities affect PostgreSQL running on Red Hat Enterprise Linux 9.4 Extended Update Support and related variants across multiple architectures.
Mitigation Recommendations
Red Hat has released updated PostgreSQL packages (version 13.22-1.el9_4) that address these vulnerabilities. Users of affected Red Hat Enterprise Linux 9.4 Extended Update Support versions should apply the security update as detailed in Red Hat advisory RHSA-2025:15114 and the referenced article https://access.redhat.com/articles/11258. Applying the official update is the recommended mitigation. Patch status is confirmed as fixed in the updated packages.
Red Hat Security Advisory: postgresql security update
Description
Multiple security vulnerabilities in PostgreSQL related to code execution during restore operations have been identified and addressed in Red Hat Enterprise Linux 9.4 Extended Update Support. These include CVE-2025-8713, CVE-2025-8714, and CVE-2025-8715. The vulnerabilities allow arbitrary code execution during database restore processes. Red Hat has released security updates to fix these issues in PostgreSQL packages for various architectures and Red Hat Enterprise Linux variants.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This advisory addresses three related vulnerabilities in PostgreSQL, specifically CVE-2025-8713, CVE-2025-8714, and CVE-2025-8715, which involve the execution of arbitrary code during restore operations. The vulnerabilities are rated as important by Red Hat Product Security. The update fixes these issues in PostgreSQL version 13.22-1.el9_4 for Red Hat Enterprise Linux 9.4 Extended Update Support and related variants. The advisory references bugzilla entries BZ-2388551 and BZ-2388553 for the fixes of CVE-2025-8715 and CVE-2025-8714 respectively. No CVSS scores are provided in the advisory, but the severity is considered high.
Potential Impact
Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code during the PostgreSQL restore operation, potentially compromising the database server. This could lead to unauthorized access or control over the affected system. The vulnerabilities affect PostgreSQL running on Red Hat Enterprise Linux 9.4 Extended Update Support and related variants across multiple architectures.
Mitigation Recommendations
Red Hat has released updated PostgreSQL packages (version 13.22-1.el9_4) that address these vulnerabilities. Users of affected Red Hat Enterprise Linux 9.4 Extended Update Support versions should apply the security update as detailed in Red Hat advisory RHSA-2025:15114 and the referenced article https://access.redhat.com/articles/11258. Applying the official update is the recommended mitigation. Patch status is confirmed as fixed in the updated packages.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2025:15114
- Cve Count
- 3
- Additional Cves
- ["CVE-2025-8714","CVE-2025-8715"]
- Cvss Version
- null
Threat ID: 6a3cc29b4853345fc16d2de2
Added to database: 06/25/2026, 05:54:35 UTC
Last enriched: 06/25/2026, 06:18:58 UTC
Last updated: 06/25/2026, 07:00:48 UTC
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.