Alibaba Cloud Linux 3 : 0065: postgresql-jdbc (ALINUX3-SA-2023:0065)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0065 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-41946: pgjdbc is an open source postgresql...
Alibaba Cloud Linux 3 : 0270: postgresql:13 (ALINUX3-SA-2024:0270)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0270 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-10976: Incomplete tracking in...
MGASA-2025-0155 Updated postgresql15 & postgresql13 packages fix security vulnerability
PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation. CVE-2025-4207...
Updated postgresql15 & postgresql13 packages fix security vulnerability
PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation. CVE-2025-4207...
CVE-2025-22248
The bitnami/pgpool Docker image and the bitnami/postgres-ha k8s chart, under default configurations, come with a 'repmgr' user that allows unauthenticated access to the database inside the cluster. The PGPOOL_SR_CHECK_USER is the user that Pgpool itself uses to perform streaming replication check...
CVE-2025-22248 [pgpool] Unauthenticated access to postgres through pgpool
The bitnami/pgpool Docker image and the bitnami/postgres-ha k8s chart, under default configurations, come with a 'repmgr' user that allows unauthenticated access to the database inside the cluster. The PGPOOL_SR_CHECK_USER is the user that Pgpool itself uses to perform streaming replication check...
CVE-2025-22248
CVE-2025-22248 affects the Bitnami pgpool image and Bitnami Postgres-HA chart. In default configurations, a repmgr user exists inside the cluster that allows unauthenticated access to PostgreSQL; PGPOOL_SR_CHECK_USER is used for streaming replication checks and should not be trusted. If Pgpool is...
ROS-2-522
2.522 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...
Debian: Security Advisory (DLA-4159-1)
The remote host is missing an update for the Debian...
The vulnerability of the libpq library in the PostgreSQL database management system allows a hacker to cause a service failure.
The vulnerability of the libpq library in the PostgreSQL database management system is related to buffer overflows during the processing of PostgreSQL’s GB18030 encoding. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...
BIT-POSTGRESQL-2025-4207 PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation
Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13,...
SUSE CVE-2025-4207
Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13,...
[SECURITY] [DLA 4159-1] postgresql-13 security update
Debian LTS Advisory DLA-4159-1 | https://www.debian.org/lts/security/ | Carlos Henrique Lima Melara | May 09, 2025 | https://wiki.debian.org/LTS | Package: postgresql-13 | Version: 13.21-0+deb11u1 | CVE ID: CVE-2025-4207 | Debian Bug: | A security issue was discovered in the...
DLA-4159-1 postgresql-13 - security update
Bulletin has no description...
PostgreSQL DoS Vulnerability (Feb 2025) - Windows
PostgreSQL is prone to a denial of service (DoS) vulnerability due to a buffer over-read...
PostgreSQL DoS Vulnerability (Feb 2025) - Linux
PostgreSQL is prone to a denial of service (DoS) vulnerability due to a buffer over-read...
Debian dla-4159 : libecpg-compat3 - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4159 advisory. Debian LTS Advisory DLA-4159-1 https://www.debian.org/lts/security/...
FreeBSD : PostgreSQL -- PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (78b8e808-2c45-11f0-9a65-6cc21735f730)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 78b8e808-2c45-11f0-9a65-6cc21735f730 advisory. PostgreSQL project reports: A buffer over-read in PostgreSQL GB18030 encoding validation allows a...
CVE-2025-4207
Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13,...
ALPINE-CVE-2025-4207
Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13,...