Vulnerability Details CVE-2025-0218
When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator is used when generating the directory name, leading to the possibility for a local attacker to pre-create the directory and thus prevent pgAgent from executing jobs, disrupting scheduled tasks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.0%
CVSS Severity
CVSS v3 Score 5.5
Products affected by CVE-2025-0218
-
cpe:2.3:a:pgadmin:pgagent:-
-
cpe:2.3:a:pgadmin:pgagent:2.0.0
-
cpe:2.3:a:pgadmin:pgagent:2.0.1
-
cpe:2.3:a:pgadmin:pgagent:3.0.0
-
cpe:2.3:a:pgadmin:pgagent:3.0.1
-
cpe:2.3:a:pgadmin:pgagent:3.2.0
-
cpe:2.3:a:pgadmin:pgagent:3.2.1
-
cpe:2.3:a:pgadmin:pgagent:3.4.0
-
cpe:2.3:a:pgadmin:pgagent:3.4.1
-
cpe:2.3:a:pgadmin:pgagent:4.0.0
-
cpe:2.3:a:pgadmin:pgagent:4.2.1
-
cpe:2.3:a:pgadmin:pgagent:4.2.2