Search for vulnerabilities
Vulnerability details: VCID-mu53-49bq-g3bq
Vulnerability ID VCID-mu53-49bq-g3bq
Aliases CVE-2025-4207
Summary PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validationmore details
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-126 Buffer Over-read
System Score Found at
cvssv3 5.9 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4207.json
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.0004 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00074 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00074 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00074 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00074 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00074 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00074 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00074 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00074 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00074 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00074 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00074 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00074 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00074 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00074 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.00074 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2025-4207
cvssv3.1 5.9 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
archlinux Medium https://security.archlinux.org/AVG-2875
cvssv3 5.9 https://www.postgresql.org/support/security/CVE-2025-4207/
cvssv3.1 5.9 https://www.postgresql.org/support/security/CVE-2025-4207/
ssvc Track https://www.postgresql.org/support/security/CVE-2025-4207/
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4207.json
https://api.first.org/data/v1/epss?cve=CVE-2025-4207
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4207
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://lists.debian.org/debian-lts-announce/2025/05/msg00011.html
https://www.postgresql.org/about/news/postgresql-175-169-1513-1418-and-1321-released-3072/
https://www.postgresql.org/support/security/CVE-2025-4207/
http://www.openwall.com/lists/oss-security/2025/05/09/3
2365111 https://bugzilla.redhat.com/show_bug.cgi?id=2365111
AVG-2875 https://security.archlinux.org/AVG-2875
CVE-2025-4207 https://nvd.nist.gov/vuln/detail/CVE-2025-4207
USN-7520-1 https://usn.ubuntu.com/7520-1/
USN-7520-2 https://usn.ubuntu.com/7520-2/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4207.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://www.postgresql.org/support/security/CVE-2025-4207/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T14:52:17Z/ Found at https://www.postgresql.org/support/security/CVE-2025-4207/
Exploit Prediction Scoring System (EPSS)
Percentile 0.10453
EPSS Score 0.00038
Published At May 10, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-05-08T13:39:53.973085+00:00 PostgreSQL Importer Import https://www.postgresql.org/support/security/CVE-2025-4207 36.0.0