vulnerability
Amazon Linux 2023: CVE-2025-1094: Important priority package update for libpq (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | Feb 13, 2025 | Mar 10, 2025 | Jul 7, 2025 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Feb 13, 2025
Added
Mar 10, 2025
Modified
Jul 7, 2025
Description
A flaw was found in PostgreSQL. Due to improper neutralization of quoting syntax, affected versions potentially allow a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the affected function's result to construct input to psql, the PostgreSQL interactive terminal. Similarly, improper neutralization of quoting syntax in PostgreSQL command line utility programs allows a source of command line arguments to achieve SQL injection when `client_encoding` is `BIG5` and `server_encoding` is one of `EUC_TW` or `MULE_INTERNAL`.
Solutions
amazon-linux-2023-upgrade-libpqamazon-linux-2023-upgrade-libpq-debuginfoamazon-linux-2023-upgrade-libpq-debugsourceamazon-linux-2023-upgrade-libpq-develamazon-linux-2023-upgrade-libpq-devel-debuginfoamazon-linux-2023-upgrade-postgresql15amazon-linux-2023-upgrade-postgresql15-contribamazon-linux-2023-upgrade-postgresql15-contrib-debuginfoamazon-linux-2023-upgrade-postgresql15-debuginfoamazon-linux-2023-upgrade-postgresql15-debugsourceamazon-linux-2023-upgrade-postgresql15-docsamazon-linux-2023-upgrade-postgresql15-docs-debuginfoamazon-linux-2023-upgrade-postgresql15-llvmjitamazon-linux-2023-upgrade-postgresql15-llvmjit-debuginfoamazon-linux-2023-upgrade-postgresql15-plperlamazon-linux-2023-upgrade-postgresql15-plperl-debuginfoamazon-linux-2023-upgrade-postgresql15-plpython3amazon-linux-2023-upgrade-postgresql15-plpython3-debuginfoamazon-linux-2023-upgrade-postgresql15-pltclamazon-linux-2023-upgrade-postgresql15-pltcl-debuginfoamazon-linux-2023-upgrade-postgresql15-private-develamazon-linux-2023-upgrade-postgresql15-private-libsamazon-linux-2023-upgrade-postgresql15-private-libs-debuginfoamazon-linux-2023-upgrade-postgresql15-serveramazon-linux-2023-upgrade-postgresql15-server-debuginfoamazon-linux-2023-upgrade-postgresql15-server-develamazon-linux-2023-upgrade-postgresql15-server-devel-debuginfoamazon-linux-2023-upgrade-postgresql15-staticamazon-linux-2023-upgrade-postgresql15-testamazon-linux-2023-upgrade-postgresql15-test-debuginfoamazon-linux-2023-upgrade-postgresql15-test-rpm-macrosamazon-linux-2023-upgrade-postgresql15-upgradeamazon-linux-2023-upgrade-postgresql15-upgrade-debuginfoamazon-linux-2023-upgrade-postgresql15-upgrade-develamazon-linux-2023-upgrade-postgresql15-upgrade-devel-debuginfoamazon-linux-2023-upgrade-postgresql16amazon-linux-2023-upgrade-postgresql16-contribamazon-linux-2023-upgrade-postgresql16-contrib-debuginfoamazon-linux-2023-upgrade-postgresql16-debuginfoamazon-linux-2023-upgrade-postgresql16-debugsourceamazon-linux-2023-upgrade-postgresql16-docsamazon-linux-2023-upgrade-postgresql16-docs-debuginfoamazon-linux-2023-upgrade-postgresql16-llvmjitamazon-linux-2023-upgrade-postgresql16-llvmjit-debuginfoamazon-linux-2023-upgrade-postgresql16-plperlamazon-linux-2023-upgrade-postgresql16-plperl-debuginfoamazon-linux-2023-upgrade-postgresql16-plpython3amazon-linux-2023-upgrade-postgresql16-plpython3-debuginfoamazon-linux-2023-upgrade-postgresql16-pltclamazon-linux-2023-upgrade-postgresql16-pltcl-debuginfoamazon-linux-2023-upgrade-postgresql16-private-develamazon-linux-2023-upgrade-postgresql16-private-libsamazon-linux-2023-upgrade-postgresql16-private-libs-debuginfoamazon-linux-2023-upgrade-postgresql16-serveramazon-linux-2023-upgrade-postgresql16-server-debuginfoamazon-linux-2023-upgrade-postgresql16-server-develamazon-linux-2023-upgrade-postgresql16-server-devel-debuginfoamazon-linux-2023-upgrade-postgresql16-staticamazon-linux-2023-upgrade-postgresql16-testamazon-linux-2023-upgrade-postgresql16-test-debuginfoamazon-linux-2023-upgrade-postgresql16-test-rpm-macrosamazon-linux-2023-upgrade-postgresql16-upgradeamazon-linux-2023-upgrade-postgresql16-upgrade-debuginfoamazon-linux-2023-upgrade-postgresql16-upgrade-develamazon-linux-2023-upgrade-postgresql16-upgrade-devel-debuginfo
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.