- Description
- PostgreSQL Anonymizer v2.0 and v2.1 contain a vulnerability that allows a masked user to bypass the masking rules defined on a table and read the original data using a database cursor or the --insert option of pg_dump. This problem occurs only when dynamic masking is enabled, which is not the default setting. The problem is resolved in version 2.2.1
- Source
- f86ef6dc-4d3a-42ad-8f28-e6d5547a5007
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
- f86ef6dc-4d3a-42ad-8f28-e6d5547a5007
- CWE-200
- Hype score
- Not currently trending
CVE-2025-5690 PostgreSQL Anonymizer Dynamic Masking Bypass Vulnerability in Versions 2.0-2.1 https://t.co/KRo9WuV9ht
@VulmonFeeds
5 Jun 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-5690 PostgreSQL Anonymizer v2.0 and v2.1 contain a vulnerability that allows a masked user to bypass the masking rules defined on a table and read the original data using a … https://t.co/pkc2Jz8eLi
@CVEnew
4 Jun 2025
410 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes