Primary

Context

pgAgent Temporary Directory Predictability Vulnerability Allowing Job Disruption

Vulnerability

Patched

A vulnerability in pgAgent versions prior to 4.2.3 allows local attackers to disrupt scheduled tasks by pre-creating directories used for executing batch job scripts. The issue arises from the use of a poorly seeded random number generator for directory name generation, which creates a window of opportunity for interference.

Impact

Exploitation of this vulnerability can lead to disruption of scheduled tasks by preventing pgAgent from executing jobs.

Remediation

Users can upgrade to pgAgent version 4.2.3 or later to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

2.5

exploitability

3.5

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

2.5

exploitability

3.5

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

pgAgent Temporary Directory Predictability Vulnerability Allowing Job Disruption

Vulnerability

Impact

Remediation

Affected Products

pgAgent

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating