CVE-2025-2506

When pglogical attempts to replicate data, it does not verify it is using a replication connection, which means a user with CONNECT access to a database configured for replication can execute the pglogical command to obtain read access to replicated tables. When pglogical runs it should verify it...

CVE-2025-2506

When pglogical attempts to replicate data, it does not verify it is using a replication connection, which means a user with CONNECT access to a database configured for replication can execute the pglogical command to obtain read access to replicated tables. When pglogical runs it should verify it...

CVE-2025-2506

When pglogical attempts to replicate data, it does not verify it is using a replication connection, which means a user with CONNECT access to a database configured for replication can execute the pglogical command to obtain read access to replicated tables. When pglogical runs it should verify it...

CVE-2025-2506

CVE-2025-2506 affects pglogical 3.x (proprietary to EDB) with integration into BDR/PGD 4/5. The issue arises when pglogical attempts replication without verifying it is on a replication connection, enabling a user with CONNECT on a replication-configured database to run pglogical commands and rea...

CVE-2025-2506

When pglogical attempts to replicate data, it does not verify it is using a replication connection, which means a user with CONNECT access to a database configured for replication can execute the pglogical command to obtain read access to replicated tables. When pglogical runs it should verify it...

PT-2025-22494 · Pglogical +1 · Pglogical +1

Name of the Vulnerable Software and Affected Versions: pglogical versions 3.x BDR/PGD versions 4 and 5 Description: The issue arises when pglogical attempts to replicate data without verifying if it is using a replication connection. This allows a user with CONNECT access to a database configured...