CVE-2025-0218 Information

Description

When batch jobs are executed by pgAgent a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3 an insufficiently seeded random number generator is used when generating the directory name leading to the possibility for a local attacker to pre-create the directory and thus prevent pgAgent from executing jobs disrupting scheduled tasks.

Reference

https://github.com/pgadmin-org/pgagent/commit/1ecd193a2be3a3dc9e98f369495e1a792e6d508c