13317 matches found
ALSA-2025:1742 Important: postgresql security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security issues, including the impact, a CVSS score,...
Important: postgresql security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security issues, including the impact, a CVSS score,...
Important: postgresql:15 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security issues, including the impact, a CVSS score,...
Important: postgresql:16 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security issues, including the impact, a CVSS score,...
Important: postgresql:15 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security issues, including the impact, a CVSS score,...
Important: postgresql:13 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security issues, including the impact, a CVSS score,...
RHEL 9 : postgresql:16 (RHSA-2025:1743)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1743 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing...
ALSA-2025:1737 Important: libpq security update
The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security...
ALSA-2025:1740 Important: postgresql:16 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security issues, including the impact, a CVSS score,...
ALSA-2025:1743 Important: postgresql:16 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security issues, including the impact, a CVSS score,...
ALSA-2025:1739 Important: postgresql:15 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security issues, including the impact, a CVSS score,...
ALSA-2025:1738 Important: libpq security update
The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security...
ALSA-2025:1736 Important: postgresql:13 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security issues, including the impact, a CVSS score,...
CVE-2025-1094 affecting package postgresql for versions less than 16.7-1
CVE-2025-1094 affecting package postgresql for versions less than 16.7-1. An upgraded version of the package is available that resolves this issue...
Vulnerability fixed in PostgreSQL
A vulnerability has been fixed in PostgreSQL. The vulnerability is located in the libpq functions of PostgreSQL and involves an SQL injection error. Improper processing of quotes and incorrectly formed UTF-8 sequences can lead to arbitrary code execution. This vulnerability is being actively...
BIT-POSTGRESQL-2025-1094 PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation
Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral, PQescapeIdentifier, PQescapeString, and PQescapeStringConn allows a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the...
Mageia: Security Advisory (MGASA-2025-0064)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated postgresql15 & postgresql13 packages fix security vulnerability
PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation. CVE-2025-1094...
MGASA-2025-0064 Updated postgresql15 & postgresql13 packages fix security vulnerability
PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation. CVE-2025-1094...
CVE-2025-1094
A flaw was found in PostgreSQL. Due to improper neutralization of quoting syntax, affected versions potentially allow a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the affected function's result to constru...