CVE-2024-32888 Amazon JDBC Driver for Redshift SQL Injection via line comment generation

🗓️ 15 May 2024 02:16:47Reported by GoogleType

osv

osv🔗 osv.dev👁 16 Views

Amazon JDBC driver for Redshift allows SQL injection via non-default connection propert

Reporter	Title	Published	Views	Family All 18
Chainguard	CVE-2024-32888 vulnerabilities	22 Mar 202516:12	–	cgr
Circl	CVE-2024-32888	17 May 202414:56	–	circl
CNNVD	Magnitude Simba Amazon Redshift JDBC Driver 安全漏洞	15 May 202400:00	–	cnnvd
CVE	CVE-2024-32888	15 May 202402:16	–	cve
Cvelist	CVE-2024-32888 Amazon JDBC Driver for Redshift SQL Injection via line comment generation	15 May 202402:16	–	cvelist
EUVD	EUVD-2024-1847	3 Oct 202520:07	–	euvd
Github Security Blog	Amazon JDBC Driver for Redshift SQL Injection via line comment generation	15 May 202417:10	–	github
NVD	CVE-2024-32888	15 May 202403:15	–	nvd
OSV	CGA-64MR-JM6H-3GQM	29 Jan 202600:43	–	osv
OSV	CGA-QM2Q-Q9XW-MXP4	31 Mar 202516:06	–	osv

Source	Link
github	www.github.com/CVEProject/cvelistV5/tree/main/cves/2024/32xxx/CVE-2024-32888.json
github	www.github.com/aws/amazon-redshift-jdbc-driver/security/advisories/GHSA-x3wm-hffr-chwm
github	www.github.com/pgjdbc/pgjdbc/security/advisories/GHSA-24rp-q3w6-vc56
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-32888
github	www.github.com/aws/amazon-redshift-jdbc-driver/commit/0d354a5f26ca23f7cac4e800e3b8734220230319
github	www.github.com/aws/amazon-redshift-jdbc-driver/commit/12a5e8ecfbb44c8154fc66041cca2e20ecd7b339
github	www.github.com/aws/amazon-redshift-jdbc-driver/commit/bc93694201a291493778ce5369a72befeca5ba7d
sonarsource	www.sonarsource.com/blog/double-dash-double-trouble-a-subtle-sql-injection-flaw/

12 Apr 2026 09:49Current

8.9High risk

Vulners AI Score8.9

CVSS 3.110

EPSS0.00479

amazon jdbc redshift sql injection connection property preferquerymode jdbc driver