13313 matches found
Oracle Linux 9 : postgresql:16 (ELSA-2025-1743)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-1743 advisory. pgaudit pgrepack 1.5.1-1 - Update to v1.5.1 pgvector 0.6.2-1 - Initial packaging postgres-decoderbufs postgresql 16.8-1 - Update to 16.8 - Fix CVE-2025-1094...
Azure Linux 3.0 Security Update: postgresql (CVE-2025-1094)
The version of postgresql installed on the remote Azure Linux 3.0 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-1094 advisory. - Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral,...
AlmaLinux 9 : libpq (ALSA-2025:1738)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:1738 advisory. postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 Tenable has extracted the preceding...
Oracle Linux 8 : postgresql:13 (ELSA-2025-1736)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-1736 advisory. pgaudit 1.5.0-1 - Update to version 1.5.0 Related: 1855776 pgrepack 1.4.6-3 - Release bump - enable gating postgres-decoderbufs 0.10.0-2 - Release bump for...
PostgreSQL 13.x < 13.19 / 14.x < 14.16 / 15.x < 15.11 / 16.x < 16.7 / 17.x < 17.3 SQLi
The version of PostgreSQL installed on the remote host is 13 prior to 13.19, 14 prior to 14.16, 15 prior to 15.11, 16 prior to 16.7, or 17 prior to 17.3. As such, it is potentially affected by a vulnerability: - Improper neutralization of quoting syntax in PostgreSQL libpq functions...
Oracle Linux 9 : postgresql:15 (ELSA-2025-1741)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-1741 advisory. - Fixes: CVE-2024-10976 CVE-2024-10978 CVE-2024-10979 - Fix CVE-2024-0985 - Fixes CVE-2023-5868, CVE-2023-5869, CVE-2023-5870, CVE-2023-39417, and CVE-2023-3941...
AlmaLinux 9 : postgresql (ALSA-2025:1742)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:1742 advisory. postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 Tenable has extracted the preceding...
Oracle Linux 8 : postgresql:16 (ELSA-2025-1740)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-1740 advisory. pgaudit 16.0-1 - Update to 16.0 - Support postgresql 16 - Initial import for PG 16 module - Resolves: RHEL-3636 pgrepack 1.5.1-1 - Update to 1.5.1...
CBL Mariner 2.0 Security Update: postgresql (CVE-2025-1094)
The version of postgresql installed on the remote CBL Mariner 2.0 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-1094 advisory. - Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral,...
Oracle Linux 9 : postgresql (ELSA-2025-1742)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-1742 advisory. 13.18-1 - Update to 13.18 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not teste...
postgresql:16 security update
pgaudit 16.0-1 - Update to 16.0 - Support postgresql 16 - Initial import for PG 16 module - Resolves: RHEL-3636 pgrepack 1.5.1-1 - Update to 1.5.1 postgres-decoderbufs 2.4.0-1.Final - Initial import for postgresql 16 stream - Related: RHEL-3636 postgresql 16.8-1 - Update to 16.8 - Fix CVE-2025-10...
DLA-4052-2 postgresql-13 - regression update
Bulletin has no description...
CVE-2025-1094 affecting package postgresql for versions less than 14.16-1
CVE-2025-1094 affecting package postgresql for versions less than 14.16-1. An upgraded version of the package is available that resolves this issue...
Important: Red Hat Security Advisory: libpq security update
An update for libpq is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...
postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation
A flaw was found in PostgreSQL. Due to improper neutralization of quoting syntax, affected versions potentially allow a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the affected function's result to constru...
Important: Red Hat Security Advisory: postgresql:15 security update
An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation
A flaw was found in PostgreSQL. Due to improper neutralization of quoting syntax, affected versions potentially allow a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the affected function's result to constru...
Important: Red Hat Security Advisory: libpq security update
An update for libpq is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation
A flaw was found in PostgreSQL. Due to improper neutralization of quoting syntax, affected versions potentially allow a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the affected function's result to constru...
Important: Red Hat Security Advisory: postgresql:16 security update
An update for the postgresql:16 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...