2388550 – (CVE-2025-8713) CVE-2025-8713 postgresql: PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table

Bug 2388550 (CVE-2025-8713) - CVE-2025-8713 postgresql: PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table

Summary: CVE-2025-8713 postgresql: PostgreSQL optimizer statistics can expose sampled ...

Keywords:
Status:	NEW
Alias:	CVE-2025-8713
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2388600 2388601 2388602 2388603 2388604 2388605
Blocks:
TreeView+	depends on / blocked

Reported:	2025-08-14 14:01 UTC by OSIDB Bzimport
Modified:	2025-08-31 23:19 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-08-14 14:01:26 UTC

PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access.  Separately, statistics allow a user to read sampled data that a row security policy intended to hide.  PostgreSQL maintains statistics for tables by sampling data available in columns; this data is consulted during the query planning process.  Prior to this release, a user could craft a leaky operator that bypassed view access control lists (ACLs) and bypassed row security policies in partitioning or table inheritance hierarchies.  Reachable statistics data notably included histograms and most-common-values lists.  CVE-2017-7484 and CVE-2019-10130 intended to close this class of vulnerability, but this gap remained.  Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected.

Note You need to log in before you can comment on or make changes to this bug.