5 matches found
EUVD-2025-60984
Due to insufficient validation of connection property values, the SAP HANA JDBC Client allows a high-privilege locally authenticated user to supply crafted parameters that lead to unauthorized code loading, resulting in low impact on confidentiality and integrity and high impact on availability o...
CVE-2025-42895
Due to insufficient validation of connection property values, the SAP HANA JDBC Client allows a high-privilege locally authenticated user to supply crafted parameters that lead to unauthorized code loading, resulting in low impact on confidentiality and integrity and high impact on availability o...
PT-2025-46235
Name of the Vulnerable Software and Affected Versions SAP HANA JDBC Client affected versions not specified Description The SAP HANA JDBC Client contains a flaw due to inadequate validation of connection property values. A locally authenticated, high-privilege user can provide specially crafted...
@dxfrontier/cds-ts-dispatcher (=2.1.4), @dxfrontier/cds-ts-repository (=1.1.3) +24 more potentially affected by CVE-2024-45277 via @sap/hana-client (>=2.10.13 <=2.21.28)
@sap/hana-client NPM version =2.10.13, =0.1.2, =1.1.1, =0.1.0, =1.0.2, =6.2.0, =2.0.0, =1.0.0, =1.6.0, =1.3.2, =1.1.1, =7.4.0, =4.3.0, =4.9.5 and more Source cves: CVE-2024-45277 Source advisory: OSV:GHSA-6339-GV7W-G5F4...
CVE-2024-45277
The SAP HANA Node.js client package versions from 2.0.0 before 2.21.31 is impacted by Prototype Pollution vulnerability allowing an attacker to add arbitrary properties to global object prototypes. This is due to improper user input sanitation when using the nestTables feature causing low impact ...