13292 matches found
SUSE SLES15 Security Update : postgresql16 (SUSE-SU-2025:01766-2)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:01766-2 advisory. Upgrade to 16.9: - CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails...
CVE-2025-5690
PostgreSQL Anonymizer v2.0 and v2.1 contain a vulnerability that allows a masked user to bypass the masking rules defined on a table and read the original data using a database cursor or the --insert option of pgdump. This problem occurs only when dynamic masking is enabled, which is not the...
CVE-2025-5690
PostgreSQL Anonymizer v2.0 and v2.1 contain a vulnerability that allows a masked user to bypass the masking rules defined on a table and read the original data using a database cursor or the --insert option of pgdump. This problem occurs only when dynamic masking is enabled, which is not the...
CVE-2025-5690
The CVE-2025-5690 entry concerns PostgreSQL Anonymizer (versions 2.0 and 2.1). Affected component: the masking mechanism when dynamic masking is enabled, which allows a masked user to bypass table masking rules and read original data via a database cursor or the --insert option in pg_dump. This i...
CVE-2025-5690 Cursor allows PostgreSQL Anonymizer masked user to gain unauthorized access to authentic data
PostgreSQL Anonymizer v2.0 and v2.1 contain a vulnerability that allows a masked user to bypass the masking rules defined on a table and read the original data using a database cursor or the --insert option of pgdump. This problem occurs only when dynamic masking is enabled, which is not the...
CVE-2025-5690 Cursor allows PostgreSQL Anonymizer masked user to gain unauthorized access to authentic data
PostgreSQL Anonymizer v2.0 and v2.1 contain a vulnerability that allows a masked user to bypass the masking rules defined on a table and read the original data using a database cursor or the --insert option of pgdump. This problem occurs only when dynamic masking is enabled, which is not the...
Security update for postgresql16
This update for postgresql16 fixes the following issues: Upgrade to 16.9: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/16.9/ Patch Instructions: To...
SUSE-SU-2025:01766-2 Security update for postgresql16
This update for postgresql16 fixes the following issues: Upgrade to 16.9: - CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/16.9/...
PT-2025-23864 · Unknown +1 · Postgresql Anonymizer +1
Name of the Vulnerable Software and Affected Versions: PostgreSQL Anonymizer versions 2.0 through 2.1 Description: The issue allows a masked user to bypass the masking rules defined on a table and read the original data using a database cursor or the --insert option of pg dump. This problem occur...
DALIBO PostgreSQL Anonymizer 安全漏洞
DALIBO PostgreSQL Anonymizer is an extension for masking or replacing personally identifiable information PII or commercially sensitive data in PostgreSQL databases from France DALIBO. A security vulnerability exists in DALIBO PostgreSQL Anonymizer version v2.0 and v2.1, which stems from a...
SUSE SLES12 Security Update : postgresql, postgresql16, postgresql17 (SUSE-SU-2025:01799-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01799-1 advisory. This update ships postgresql17 , and fixes security issues with postgresql16: - bsc1230423: Relax the dependency of extensions on the server...
SUSE-SU-2025:01799-1 Security update for postgresql, postgresql16, postgresql17
This update for postgresql, postgresql16, postgresql17 fixes the following issues: This update ships postgresql17 , and fixes security issues with postgresql16: - bsc1230423: Relax the dependency of extensions on the server version from exact major.minor to greater or equal, after Tom Lane...
Medium: postgresql16
Issue Overview: Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5...
Medium: postgresql15
Issue Overview: Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5...
Medium: postgresql15
Issue Overview: Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5...
Medium: postgresql17
Issue Overview: Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5...
Medium: postgresql16
Issue Overview: Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5...
Medium: postgresql17
Issue Overview: Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5...
Amazon Linux 2023 : postgresql16, postgresql16-contrib, postgresql16-llvmjit (ALAS2023-2025-973)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-973 advisory. Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination...
Amazon Linux 2023 : postgresql15, postgresql15-contrib, postgresql15-llvmjit (ALAS2023-2025-974)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-974 advisory. Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination...