- What is the PostgreSQL CNA?
- PostgreSQL is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 38 CVE records since 2024.
- How many CVEs has PostgreSQL published?
- PostgreSQL has published 38 CVE records, including 37 in the last two years.
- What is PostgreSQL's CVE data quality grade?
- RadicalNotion.AI grades PostgreSQL's CVE data quality as B, with an overall completeness score of 88.2%. This reflects how consistently its CVE records include vendor (55.3%), product (100%), CVSS (100%), and CWE (97.4%) information.
- What products does PostgreSQL publish CVEs for?
- PostgreSQL most frequently publishes CVEs for PostgreSQL, pgAdmin 4, pgadmin4, PostgreSQL Anonymizer, Red Hat Hardened Images.
- Which vendors does PostgreSQL cover?
- PostgreSQL publishes CVEs across 3 distinct vendors, most often PostgreSQL, pgAdmin, pgAdmin.org, DALIBO, Red Hat.
- Is PostgreSQL actively publishing CVEs?
- PostgreSQL is currently active, based on 37 CVEs in the last two years.
- What is the average severity of PostgreSQL's CVEs?
- The average CVSS base score across PostgreSQL's scored CVEs is 7.3.
- How many critical CVEs has PostgreSQL published?
- PostgreSQL has published 14 critical-severity CVEs and 43 high-severity CVEs.
- Are any of PostgreSQL's CVEs in CISA's Known Exploited Vulnerabilities catalog?
- No. None of PostgreSQL's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
- What are the most common weakness types in PostgreSQL's CVEs?
- PostgreSQL's CVEs most often map to these CWE weakness types: CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-862 (Missing Authorization), CWE-94 (Improper Control of Generation of Code ('Code Injection')).
- How does PostgreSQL rank among CNAs?
- By total CVE volume, PostgreSQL ranks #197 of 370 CNAs, and it reports more complete CVE records than 35% of all CNAs.