vulnerability
Red Hat: CVE-2025-12817: postgresql: CREATE STATISTICS does not check for schema CREATE privilege (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:N/I:N/A:P) | Nov 13, 2025 | Dec 5, 2025 | Jan 15, 2026 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:N/I:N/A:P)
Published
Nov 13, 2025
Added
Dec 5, 2025
Modified
Jan 15, 2026
Description
A vulnerability has been identified in PostgreSQL’s CREATE STATISTICS command where the database does not check that the user has the required schema CREATE privilege. A table owner user could create a statistics object in any schema, blocking other users who legitimately hold CREATE STATISTICS permissions from creating objects with the same name. This results in a denial-of-service of the statistics creation functionality.
Solutions
redhat-upgrade-pg_repackredhat-upgrade-pg_repack-debuginforedhat-upgrade-pg_repack-debugsourceredhat-upgrade-pgauditredhat-upgrade-pgaudit-debuginforedhat-upgrade-pgaudit-debugsourceredhat-upgrade-pgvectorredhat-upgrade-pgvector-debuginforedhat-upgrade-pgvector-debugsourceredhat-upgrade-postgisredhat-upgrade-postgis-clientredhat-upgrade-postgis-client-debuginforedhat-upgrade-postgis-debuginforedhat-upgrade-postgis-debugsourceredhat-upgrade-postgis-docsredhat-upgrade-postgis-upgraderedhat-upgrade-postgis-upgrade-debuginforedhat-upgrade-postgis-utilsredhat-upgrade-postgres-decoderbufsredhat-upgrade-postgres-decoderbufs-debuginforedhat-upgrade-postgres-decoderbufs-debugsourceredhat-upgrade-postgresqlredhat-upgrade-postgresql-contribredhat-upgrade-postgresql-contrib-debuginforedhat-upgrade-postgresql-debuginforedhat-upgrade-postgresql-debugsourceredhat-upgrade-postgresql-docsredhat-upgrade-postgresql-docs-debuginforedhat-upgrade-postgresql-plperlredhat-upgrade-postgresql-plperl-debuginforedhat-upgrade-postgresql-plpython3redhat-upgrade-postgresql-plpython3-debuginforedhat-upgrade-postgresql-pltclredhat-upgrade-postgresql-pltcl-debuginforedhat-upgrade-postgresql-private-develredhat-upgrade-postgresql-private-libsredhat-upgrade-postgresql-private-libs-debuginforedhat-upgrade-postgresql-serverredhat-upgrade-postgresql-server-debuginforedhat-upgrade-postgresql-server-develredhat-upgrade-postgresql-server-devel-debuginforedhat-upgrade-postgresql-staticredhat-upgrade-postgresql-testredhat-upgrade-postgresql-test-debuginforedhat-upgrade-postgresql-test-rpm-macrosredhat-upgrade-postgresql-upgraderedhat-upgrade-postgresql-upgrade-debuginforedhat-upgrade-postgresql-upgrade-develredhat-upgrade-postgresql-upgrade-devel-debuginforedhat-upgrade-postgresql16-debuginforedhat-upgrade-postgresql16-debugsource
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.