Technology: postgresql
| ID | Title | Description | Category | Technology | Tags |
|---|---|---|---|---|---|
| CRE-2025-0020 High Impact: 10/10 Mitigation: 6/10 | Self-hosted PostgreSQL HA: WAL Streaming & HA Controller Crisis (Replication Slot Loss, Disk Full, Etcd Quorum Failure) | Detects high-severity failures in self-hosted PostgreSQL high-availability clusters managed by Patroni, Zalando, or similar HA controllers. This rule targets catastrophic conditions that break replication or cluster consensus: - WAL streaming failures due to missing replication slots (usually after disk full or crash events) - Persistent errors resolving HA controller endpoints (etcd/consul) and loss of HA controller quorum - Disk saturation leading to WAL write errors and replication breakage | PostgreSQL High Availability | postgresql | High AvailabilityPatroniZalandoEtcdReplicationWALStorageQuorumCrashData LossTimeout |
| CRE-2025-0077 High Impact: 9/10 Mitigation: 7/10 | PostgreSQL Fails to Extend File Due to Disk Full | PostgreSQL logs an error when it cannot extend a data file (table/index) because the filesystem is out of disk space. This prevents writes requiring new allocation. | Database Problems | postgresql | PostgreSQLDisk FullWrite FailurePublic |
| CRE-2025-0079 Critical Impact: 10/10 Mitigation: 3/10 | SpiceDB Database Corruption: Critical Table Loss | Detects catastrophic SpiceDB database corruption where critical core tables like `alembic_version` and `relation_tuple_transaction` are missing or dropped. This represents complete database corruption that renders SpiceDB unable to perform any authorization operations, causing total permission system failure. | Authorization Systems | postgresql | SpiceDBDatabase CorruptionAuthorizationPostgreSQL |