CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-55282

aiven-db-migrate is an Aiven database migration tool. Prior to 1.0.7, there is a privilege escalation vulnerability that allows a user to elevate to superuser inside PostgreSQL databases during a migration from an untrusted source server. By exploiting a lack of search_path restriction, an attacker can override pg_catalog and execute untrusted operators as a superuser. This vulnerability is fixed in 1.0.7.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.0%

CVSS Severity

CVSS v3 Score 9.1

References

https://github.com/aiven/aiven-db-migrate/commit/39517dc55720055d93262033b142a365f5bf92c5
https://github.com/aiven/aiven-db-migrate/security/advisories/GHSA-hmvf-93r4-36f9

Products affected by CVE-2025-55282

Aiven » Aiven-Db-Migrate » Version: Any

cpe:2.3:a:aiven:aiven-db-migrate:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-55282

Products

Pricing

Contact Us