Description

aiven-db-migrate is an Aiven database migration tool. Prior to 1.0.7, there is a privilege escalation vulnerability that allows a user to elevate to superuser inside PostgreSQL databases during a migration from an untrusted source server. By exploiting a lack of search_path restriction, an attacker can override pg_catalog and execute untrusted operators as a superuser. This vulnerability is fixed in 1.0.7.

INFO

Published Date :

2025-08-18T16:44:02.944Z

Last Modified :

2025-08-18T19:49:56.981Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-55282 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-55282.

URL Resource
https://github.com/aiven/aiven-db-migrate/commit/39517dc55720055d93262033b142a365f5bf92c5 cve-icon cve-icon
https://github.com/aiven/aiven-db-migrate/security/advisories/GHSA-hmvf-93r4-36f9 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact