PostgreSQL Vulnerability Security Update Advisory (CVE-2025-1094)

Overview

 

PostgreSQL (https://www.postgresql.org/) has released a security update that fixes vulnerabilities in its shipped products. Users of affected products are advised to update to the latest version.

 

Affected Products

 

PostgreSQL 17

PostgreSQL 16

PostgreSQL 15

PostgreSQL 14

PostgreSQL 13

 

Resolved Vulnerabilities

 

SQL Injection Vulnerability due to Sandbox Escape in PostgreSQL (CVE-2025-1094, CVSS 8.1) [1]

 

Vulnerability Patches

 

Please follow the security advisory published on February 13 and update to the applicable fixed version or to the latest version.

PostgreSQL 17.3

PostgreSQL 16.7

PostgreSQL 15.11

PostgreSQL 14.16

PostgreSQL 13.19

 

Referenced Sites

 

[1] CVE-2025-1094: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation

https://www.postgresql.org/support/security/CVE-2025-1094/