4 matches found
SQL Injection
Overview redshift-connector is a Redshift interface library Affected versions of this package are vulnerable to SQL Injection via the getschemas, gettables, or getcolumns APIs. An attacker can escalate privileges by injecting a malicious schema and causing a higher privileged user or process to...
CVE-2024-12745 SQL Injection in the Amazon Redshift Python Connector affecting v2.1.4
A SQL injection in the Amazon Redshift Python Connector v2.1.4 allows a user to gain escalated privileges via the getschemas, gettables, or getcolumns Metadata APIs. Users are recommended to upgrade to the driver version 2.1.5 or revert to driver version 2.1.3...
redshift_connector 安全漏洞
redshiftconnector is an Amazon Web Services open source Amazon Redshift connector for Python. A security vulnerability exists in redshiftconnector version 2.1.4 that stems from the presence of a SQL injection vulnerability that allows escalated privileges to be gained via the getschemas, gettable...
PT-2024-10193 · Amazon · Amazon Redshift Jdbc Driver
Name of the Vulnerable Software and Affected Versions: Amazon Redshift JDBC Driver version 2.1.0.31 Description: A SQL injection issue in the Amazon Redshift JDBC Driver allows a user to gain escalated privileges via the getSchemas, getTables, or getColumns Metadata APIs. This issue can be...