MAL-2025-32903 Malicious code in sedna-redshift-farout-umbriel (npm)

The package sedna-redshift-farout-umbriel was found to contain malicious code...

MAL-2025-22302 Malicious code in hazel-redshift-60dx (npm)

The package hazel-redshift-60dx was found to contain malicious code...

MAL-2025-14203 Malicious code in airplane-redshift-ft5i (npm)

The package airplane-redshift-ft5i was found to contain malicious code...

MAL-2025-38119 Malicious code in vanilla-redshift-wi3n (npm)

The package vanilla-redshift-wi3n was found to contain malicious code...

MAL-2025-31944 Malicious code in redshift-delta-8zf3 (npm)

The package redshift-delta-8zf3 was found to contain malicious code...

MAL-2025-31947 Malicious code in redshift-titan-6axh (npm)

The package redshift-titan-6axh was found to contain malicious code...

Malicious code in webdriver-manager-janus-cosmos-redshift (npm)

The package webdriver-manager-janus-cosmos-redshift was found to contain malicious code...

Malicious code in jasmine-despina-cosmology-redshift (npm)

The package jasmine-despina-cosmology-redshift was found to contain malicious code...

Malicious code in frontend-resonance-speleology-redshift (npm)

The package frontend-resonance-speleology-redshift was found to contain malicious code...

Malicious code in redshift-bravo-odvs (npm)

The package redshift-bravo-odvs was found to contain malicious code...

Malicious code in vanilla-redshift-wi3n (npm)

The package vanilla-redshift-wi3n was found to contain malicious code...

MAL-2025-31942 Malicious code in redshift-betelgeuse-aldebaran-corvus (npm)

The package redshift-betelgeuse-aldebaran-corvus was found to contain malicious code...

MAL-2025-31946 Malicious code in redshift-oscar-z6pt (npm)

The package redshift-oscar-z6pt was found to contain malicious code...

MAL-2025-33315 Malicious code in sirius-mensa-publish-redshift (npm)

The package sirius-mensa-publish-redshift was found to contain malicious code...

The vulnerability of the Dataease database management system, related to improper elimination of surrogate characters, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Dataease database management system is related to the improper elimination of surrogate characters when connecting to PostgreSQL and Redshift databases. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the...

CVE-2025-53004

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, there is a bypass vulnerability in Dataease's Redshift Data Source JDBC Connection Parameters. The sslfactory and sslfactoryarg parameters could trigger a bypass vulnerability. This issue has...

CVE-2025-53006

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, in both PostgreSQL and Redshift, apart from parameters like "socketfactory" and "socketfactoryarg", there are also "sslfactory" and "sslfactoryarg" with similar functionality. The difference li...

CVE-2025-53006 Dataease PostgreSQL & Redshift Data Source JDBC Connection Parameters Bypass Vulnerability

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, in both PostgreSQL and Redshift, apart from parameters like "socketfactory" and "socketfactoryarg", there are also "sslfactory" and "sslfactoryarg" with similar functionality. The difference li...

CVE-2025-53006 Dataease PostgreSQL & Redshift Data Source JDBC Connection Parameters Bypass Vulnerability

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, in both PostgreSQL and Redshift, apart from parameters like "socketfactory" and "socketfactoryarg", there are also "sslfactory" and "sslfactoryarg" with similar functionality. The difference li...

CVE-2025-53006

DataEase before version 2.10.11 vulnerable due to improper handling of SSL-related JDBC connection parameters (sslfactory, sslfactoryarg, sslhostnameverifier, sslpasswordcallback, authenticationPluginClassName) which must be triggered after the connection is established. This affects PostgreSQL a...