Lucene search
K

29 matches found

RedHat Linux
RedHat Linux
added 2025/02/20 3:6 p.m.17 views

Important: Red Hat Security Advisory: postgresql:15 security update

An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

8.1CVSS7.4AI score0.89472EPSS
Exploits10References2
RedHat Linux
RedHat Linux
added 2025/02/20 3:2 p.m.7 views

postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation

A flaw was found in PostgreSQL. Due to improper neutralization of quoting syntax, affected versions potentially allow a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the affected function's result to constru...

8.1CVSS7.3AI score0.89472EPSS
Exploits10References7
Microsoft CVE
Microsoft CVE
added 2025/02/20 8:0 a.m.5 views

PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation

...

8.1CVSS8.4AI score0.89472EPSS
Exploits10
AlmaLinux
AlmaLinux
added 2025/02/20 12:0 a.m.14 views

Important: libpq security update

The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security...

8.1CVSS8.3AI score0.89472EPSS
Exploits10References4
Tenable Nessus
Tenable Nessus
added 2025/02/20 12:0 a.m.9 views

RHEL 8 : postgresql:15 (RHSA-2025:1721)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1721 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing...

8.1CVSS8AI score0.89472EPSS
Exploits10References4
Cvelist
Cvelist
added 2025/02/13 1:0 p.m.27 views

CVE-2025-1094 PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation

Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral, PQescapeIdentifier, PQescapeString, and PQescapeStringConn allows a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the...

8.1CVSS0.89472EPSS
Exploits10References1
Debian CVE
Debian CVE
added 2025/02/13 1:0 p.m.11 views

CVE-2025-1094

Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral, PQescapeIdentifier, PQescapeString, and PQescapeStringConn allows a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the...

8.1CVSS8.4AI score0.89472EPSS
Exploits10
FreeBSD
FreeBSD
added 2025/02/13 12:0 a.m.24 views

PostgreSQL -- PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation

The PostgreSQL Project reports: Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral, PQescapeIdentifier, PQescapeString, and PQescapeStringConn allows a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection...

8.1CVSS8AI score0.89472EPSS
Exploits10References1
PostrgeSql
PostrgeSql
added 2025/02/13 12:0 a.m.81 views

Vulnerability in core server (CVE-2025-1094)

PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral, PQescapeIdentifier, PQescapeString, and PQescapeStringConn allows a database input provider to achieve SQL...

8.1CVSS7.5AI score0.89472EPSS
Exploits10References1Affected Software1
Rows per page
Query Builder