PT-2025-3788 · Pgagent+2
Wolfgang Frisch · Published 2025-01-03 · Updated 2025-10-18 · CVE-2025-0218
CVSS v3.1: 7.1 High
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Name of the Vulnerable Software and Affected Versions
pgAgent versions prior to 4.2.3
Description
The issue arises when pgAgent executes batch jobs, creating a script in a temporary directory before execution. In affected versions, an insufficiently seeded random number generator is used to generate the directory name. This allows a local attacker to potentially pre-create the directory, preventing pgAgent from executing jobs and disrupting scheduled tasks.
Recommendations
For versions prior to 4.2.3, update to version 4.2.3 or later to resolve the issue.
As a temporary workaround, consider restricting access to the temporary directory used by pgAgent to minimize the risk of exploitation.
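The weakness described above, shown beside a hardened form, as an added example that is not pgAgent's code or its actual fix. The function names, the `job_` prefix, the `job.sh` file name and the seed value are assumptions made for illustration.

```c
#define _DEFAULT_SOURCE 1
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Weak (constructed): rand() after a guessable seed gives the same path every
 * time. Returns 0, or -1 when mkdir() fails, e.g. the path already exists. */
int weak_make_jobdir(const char *base, unsigned seed, char *out, size_t n)
{
    srand(seed);
    snprintf(out, n, "%s/job_%08x", base, (unsigned)rand());
    return mkdir(out, 0700) == 0 ? 0 : -1;
}

/* Hardened: mkdtemp() picks an unpredictable suffix and creates the directory
 * atomically with mode 0700; any failure is returned to the caller. */
int safe_make_jobdir(const char *base, char *out, size_t n)
{
    int len = snprintf(out, n, "%s/job_XXXXXX", base);
    if (len < 0 || (size_t)len >= n) return -1;
    return mkdtemp(out) ? 0 : -1;
}

/* Write the job script inside the private directory. O_EXCL and O_NOFOLLOW
 * refuse a pre-existing file or symlink at that path. Returns 0 or -1. */
int safe_write_script(const char *dir, const char *body)
{
    char path[512];
    int len = snprintf(path, sizeof path, "%s/job.sh", dir);
    if (len < 0 || (size_t)len >= sizeof path) return -1;
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0700);
    if (fd < 0) return -1;
    ssize_t w = write(fd, body, strlen(body));
    return (close(fd) == 0 && w == (ssize_t)strlen(body)) ? 0 : -1;
}

int main(void)
{
    char base[] = "/tmp/jobdemo_XXXXXX", a[256], b[256], c[256];
    if (!mkdtemp(base)) return 1;
    int w1 = weak_make_jobdir(base, 1234u, a, sizeof a);
    int w2 = weak_make_jobdir(base, 1234u, b, sizeof b); /* same seed, same path */
    int s = safe_make_jobdir(base, c, sizeof c) || safe_write_script(c, "#!/bin/sh\n");
    printf("weak: %d then %d (%s)\nsafe: %d (%s)\n", w1, w2, b, s, c);
    return 0;
}
```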
Fix
Use of Insufficiently Random Values
Related Identifiers
Affected Products
Astra Linux
Debian
Pgagent