PostgreSQL

PostgreSQL SQL Injection Vulnerability (CVE-2025-1094)

PostgreSQL SQL Injection Vulnerability (CVE-2025-1094)

| | Blog, CVE-2025-1094, Emergency Response, PostgreSQL, PostgreSQL SQL injection vulnerability
Overview Recently, NSFOCUS CERT detected that PostgreSQL has issued a security announcement and fixed the PostgreSQL SQL injection vulnerability (CVE-2025-1094), with a CVSS score of 8.1. Since the psql tool of PostgreSQL ...
NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.

Ubuntu Fixes a High-Severity PostgreSQL Vulnerability

| | CentOS 7 ELS, Debian 11 Bullseye, Debian 12 Bookworm, Extended Lifecycle Support, Linux & Open Source News, pg_dump utility, PostgreSQL, PostgreSQL vulnerabilities, PostgreSQL vulnerability, race condition vulnerability, Time-of-check Time-of-use, Ubuntu 16.04 End of Life, Ubuntu 18.04 End of Life, Ubuntu 20.04, Ubuntu 22.04, Ubuntu 24.04, Ubuntu Security Fixes, Ubuntu Security Updates
PostgreSQL is an open-source, widely used object relational SQL database. However, like any other software, it is not immune to vulnerabilities. A new high-severity vulnerability has been discovered in PostgreSQL versions before ...
TuxCare

Addressing PostgreSQL Vulnerabilities in Ubuntu

| | end of life, Extended Lifecycle Support, Linux & Open Source News, PostgreSQL, PostgreSQL vulnerabilities, security patches, Ubuntu 16.04 End of Life, Ubuntu 18.04 End of Life, ubuntu 18.04 security updates, Ubuntu 18.04 security vulnerabilities, Ubuntu Security Fixes, Ubuntu Security Updates
In recent updates, the Ubuntu security team has addressed multiple security issues found in PostgreSQL, an Object-relational SQL database. These issues affect various Ubuntu releases, including Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu ...
TuxCare
Baffle Architecture

Does Real Queryable Encryption mean there is a Fake Queryable Encryption?

| | analytics, databases, encryption, mysql, PostgreSQL, Privacy Enhanced Computation, Real Queryable Encryption
TLDR There is no “fake” queryable encryption, but a certain NoSQL database provider has coined the term “Queryable Encryption”, and Baffle has something to say about that. Background To understand real queryable ...
Baffle

Data Masking for PostgreSQL

| | data masking, PCI, PHI, pii, PostgreSQL, sensitive data
Introduction In the ever-evolving landscape of data management, safeguarding sensitive information has become paramount. One of the popular techniques is data masking, a process that obscures original data with fictional or pseudonymous ...
Baffle

Data Masking for PostgreSQL

| | data masking, PCI, PHI, pii, PostgreSQL, sensitive data
Introduction In the ever-evolving landscape of data management, safeguarding sensitive information has become paramount. One of the popular techniques is data masking, a process that obscures original data with fictional or pseudonymous ...
Baffle
Analysis: A Ransomware Attack on a PostgreSQL Database

Analysis: A Ransomware Attack on a PostgreSQL Database

| | database ransomware, Imperva Threat Research, PostgreSQL, Ransomware
In 2017, we reported on a database ransomware campaign targeting MySQL and MongoDB. Since then, we’ve observed similar attack tactics on a PostgreSQL database in Imperva Threat Research lab.  In general, the ...
Blog
The Myth of THE database

The Myth of THE database

| | database, DEVOPS, Kubernetes, openebs, PostgreSQL
Atlas holding up THE databaseI feel blessed these days to be on the front lines of Kubernetes becoming the preferred platform for running all workloads, including high value stateful workloads.One pattern many of ...
Stories by Evan Powell on Medium