vulnerability
Amazon Linux 2023: CVE-2025-1094: Important priority package update for libpq (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | Feb 13, 2025 | Mar 10, 2025 | Jul 7, 2025 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Feb 13, 2025
Added
Mar 10, 2025
Modified
Jul 7, 2025
Description
A flaw was found in PostgreSQL. Due to improper neutralization of quoting syntax, affected versions potentially allow a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the affected function's result to construct input to psql, the PostgreSQL interactive terminal. Similarly, improper neutralization of quoting syntax in PostgreSQL command line utility programs allows a source of command line arguments to achieve SQL injection when `client_encoding` is `BIG5` and `server_encoding` is one of `EUC_TW` or `MULE_INTERNAL`.
Solutions
amazon-linux-2023-upgrade-libpqamazon-linux-2023-upgrade-libpq-debuginfoamazon-linux-2023-upgrade-libpq-debugsourceamazon-linux-2023-upgrade-libpq-develamazon-linux-2023-upgrade-libpq-devel-debuginfoamazon-linux-2023-upgrade-postgresql15amazon-linux-2023-upgrade-postgresql15-contribamazon-linux-2023-upgrade-postgresql15-contrib-debuginfoamazon-linux-2023-upgrade-postgresql15-debuginfoamazon-linux-2023-upgrade-postgresql15-debugsourceamazon-linux-2023-upgrade-postgresql15-docsamazon-linux-2023-upgrade-postgresql15-docs-debuginfoamazon-linux-2023-upgrade-postgresql15-llvmjitamazon-linux-2023-upgrade-postgresql15-llvmjit-debuginfoamazon-linux-2023-upgrade-postgresql15-plperlamazon-linux-2023-upgrade-postgresql15-plperl-debuginfoamazon-linux-2023-upgrade-postgresql15-plpython3amazon-linux-2023-upgrade-postgresql15-plpython3-debuginfoamazon-linux-2023-upgrade-postgresql15-pltclamazon-linux-2023-upgrade-postgresql15-pltcl-debuginfoamazon-linux-2023-upgrade-postgresql15-private-develamazon-linux-2023-upgrade-postgresql15-private-libsamazon-linux-2023-upgrade-postgresql15-private-libs-debuginfoamazon-linux-2023-upgrade-postgresql15-serveramazon-linux-2023-upgrade-postgresql15-server-debuginfoamazon-linux-2023-upgrade-postgresql15-server-develamazon-linux-2023-upgrade-postgresql15-server-devel-debuginfoamazon-linux-2023-upgrade-postgresql15-staticamazon-linux-2023-upgrade-postgresql15-testamazon-linux-2023-upgrade-postgresql15-test-debuginfoamazon-linux-2023-upgrade-postgresql15-test-rpm-macrosamazon-linux-2023-upgrade-postgresql15-upgradeamazon-linux-2023-upgrade-postgresql15-upgrade-debuginfoamazon-linux-2023-upgrade-postgresql15-upgrade-develamazon-linux-2023-upgrade-postgresql15-upgrade-devel-debuginfoamazon-linux-2023-upgrade-postgresql16amazon-linux-2023-upgrade-postgresql16-contribamazon-linux-2023-upgrade-postgresql16-contrib-debuginfoamazon-linux-2023-upgrade-postgresql16-debuginfoamazon-linux-2023-upgrade-postgresql16-debugsourceamazon-linux-2023-upgrade-postgresql16-docsamazon-linux-2023-upgrade-postgresql16-docs-debuginfoamazon-linux-2023-upgrade-postgresql16-llvmjitamazon-linux-2023-upgrade-postgresql16-llvmjit-debuginfoamazon-linux-2023-upgrade-postgresql16-plperlamazon-linux-2023-upgrade-postgresql16-plperl-debuginfoamazon-linux-2023-upgrade-postgresql16-plpython3amazon-linux-2023-upgrade-postgresql16-plpython3-debuginfoamazon-linux-2023-upgrade-postgresql16-pltclamazon-linux-2023-upgrade-postgresql16-pltcl-debuginfoamazon-linux-2023-upgrade-postgresql16-private-develamazon-linux-2023-upgrade-postgresql16-private-libsamazon-linux-2023-upgrade-postgresql16-private-libs-debuginfoamazon-linux-2023-upgrade-postgresql16-serveramazon-linux-2023-upgrade-postgresql16-server-debuginfoamazon-linux-2023-upgrade-postgresql16-server-develamazon-linux-2023-upgrade-postgresql16-server-devel-debuginfoamazon-linux-2023-upgrade-postgresql16-staticamazon-linux-2023-upgrade-postgresql16-testamazon-linux-2023-upgrade-postgresql16-test-debuginfoamazon-linux-2023-upgrade-postgresql16-test-rpm-macrosamazon-linux-2023-upgrade-postgresql16-upgradeamazon-linux-2023-upgrade-postgresql16-upgrade-debuginfoamazon-linux-2023-upgrade-postgresql16-upgrade-develamazon-linux-2023-upgrade-postgresql16-upgrade-devel-debuginfo
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.