PostgreSQL Data Manipulation Vulnerability

Release Date: 14 Feb 2025

RISK: Medium Risk

TYPE: Servers - Database Servers

A vulnerability was identified in PostgreSQL. A remote attacker could exploit this vulnerability to trigger sensitive information disclosure, data manipulation and security restriction bypass on the targeted system.

 

---

Impact

• Data Manipulation
• Security Restriction Bypass
• Information Disclosure

---

System / Technologies affected

• PostgreSQL versions before 17.3
• PostgreSQL versions before 16.7
• PostgreSQL versions before 15.11
• PostgreSQL versions before 14.16
• PostgreSQL versions before 13.19

---

Solutions

Before installation of the software, please visit the software manufacturer website for more details.

 

Apply fixes issued by the vendor:

• https://www.postgresql.org/support/security/CVE-2025-1094/

---

Vulnerability Identifier

• CVE-2025-1094

---

Source

• https://www.postgresql.org/support/security/CVE-2025-1094/

---

Related Link

• https://www.postgresql.org/support/security/CVE-2025-1094/