PostgreSQL security advisory (AV25-084)

Serial number: AV25-084
Date: February 17, 2025

On February 13, 2025, PostgreSQL published a security advisory to address a vulnerability VulnerabilityA flaw or weakness in the design or implementation of an information system or its environment that could be exploited to adversely affect an organization's assets or operations. in the following product:

PostgreSQL – 13.x versions prior to 13.19, 14.x versions prior to 14.16, 15.x versions prior to 15.11, 16.x versions prior to 16.7 and 17.x versions prior to 17.3

Open-source reporting has advised that CVE-2025-1094 may have been exploited.

The Cyber Centre encourages users and administrators to review the provided web link and perform the suggested mitigations.

PostgreSQL Advisory - quoting APIs miss neutralizing quoting syntax in text that fails encoding validation

Date modified:: 2025-02-17

Language selection

Search

PostgreSQL security advisory (AV25-084)