CVE-2024-12744

A SQL injection in the Amazon Redshift JDBC Driver in v2.1.0.31 allows a user to gain escalated privileges via the getSchemas, getTables, or getColumns Metadata APIs. Users should upgrade to the driver version 2.1.0.32 or revert to driver version 2.1.0.30...

CVE-2024-12746

A SQL injection in the Amazon Redshift ODBC Driver v2.1.5.0 Windows or Linux allows a user to gain escalated privileges via the SQLTables or SQLColumns Metadata APIs. Users are recommended to upgrade to the driver version 2.1.6.0 or revert to driver version 2.1.4.0...

The vulnerability of the Amazon Redshift Python Connector driver lies in the lack of security measures for SQL query structures, allowing attackers to exploit their privileges.

The vulnerability of the Amazon Redshift Python Connector driver is related to the lack of security measures for SQL query structures. Exploiting this vulnerability can allow an attacker to enhance their privileges remotely...

The vulnerability of the Amazon Redshift JDBC driver lies in the lack of security measures for SQL query structures, allowing attackers to exploit this to increase their privileges.

The vulnerability of the Amazon Redshift JDBC driver is related to the lack of security measures for SQL query structures. Exploiting this vulnerability can allow attackers to enhance their privileges...

RedShift Python Connector < 2.1.5 (CVE-2024-12745)

The Amazon Redshift Python Connector, version 2.1.4, is affected by CVE-2024-12745, a SQL injection issue when utilizing the getschemas, gettables, or getcolumns Metadata APIs. This issue has been addressed in driver version 2.1.5. We recommend customers upgrade to the driver version 2.1.5 or...

AWS RedShift Python Connector Detection

Binary data pythonredshiftconnectordetect.nbin...

RedShift JDBC Driver < 2.1.0.32 (CVE-2024-12744)

The Amazon Redshift JDBC Driver, version 2.1.0.31, is affected by CVE-2024-12744, a SQL injection issue when utilizing the getschemas, gettables, or getcolumns Metadata APIs. This issue has been addressed in driver version 2.1.0.32. We recommend customers upgrade to the driver version 2.1.0.32 or...

Amazon Redshift ODBC Driver Installed (Linux)

Binary data amazonredshiftodbcdrivernixinstalled.nbin...

RedShift JDBC Installed

Binary data redshiftjdbcinstalled.nbin...

Amazon Redshift ODBC Driver Installed (Windows)

Binary data amazonredshiftodbcdriverwininstalled.nbin...

SQL Injection

redshiftconnector is vulnerable to SQL injection. The vulnerability is due to SQL injection in the getschemas, gettables, or getcolumns Metadata APIs in version 2.1.4, which could allow an attacker to gain escalated privileges...

The vulnerabilities of the SQLTables() and SQLColumns() functions in the Amazon Redshift ODBC Cloud Database integration software interface allow attackers to exploit these functions to gain increased privileges.

The vulnerability of the SQLTables and SQLColumns functions in the Amazon Redshift ODBC cloud database integration software interface is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability can allow an attacker to enhance their privileges remotely...

SQL Injection

com.amazon.redshift:redshift-jdbc42 is vulnerable to SQL Injection. The vulnerability is due to insufficient input validation in the getSchemas, getTables, or getColumns Metadata APIs, allowing an attacker to gain escalated privileges...

GHSA-8GC2-VQ6M-RWJW Amazon Redshift Python Connector vulnerable to SQL Injection

Summary A SQL injection in the Amazon Redshift Python Connector in version 2.1.4 allows a user to gain escalated privileges via schema injection in the getschemas, gettables, or getcolumns Metadata APIs. Users should upgrade to the driver version 2.1.5 or revert to driver version 2.1.3. Impact A...

Amazon Redshift Python Connector vulnerable to SQL Injection

Summary A SQL injection in the Amazon Redshift Python Connector in version 2.1.4 allows a user to gain escalated privileges via schema injection in the getschemas, gettables, or getcolumns Metadata APIs. Users should upgrade to the driver version 2.1.5 or revert to driver version 2.1.3. Impact A...

Amazon Redshift JDBC Driver vulnerable to SQL Injection

Summary A SQL injection in the Amazon Redshift JDBC Driver in v2.1.0.31 allows a user to gain escalated privileges via schema injection in the getSchemas, getTables, or getColumns Metadata APIs. Users should upgrade to the driver version 2.1.0.32 or revert to driver version 2.1.0.30. Impact A SQL...

io.github.josephlbarnett:db (>=3.2.340 <=3.2.379), us.fatehi:schemacrawler-cassandra (>=16.23.1 <=16.23.2) +10 more potentially affected by CVE-2024-12744 via com.amazon.redshift:redshift-jdbc42 (=2.1.0.31)

com.amazon.redshift:redshift-jdbc42 MAVEN version =2.1.0.31 is affected by a known vulnerability. The following packages have a transitive dependency on com.amazon.redshift:redshift-jdbc42 and may be impacted: - io.github.josephlbarnett:db =3.2.340, =16.23.1, =16.23.1, =16.23.1, =16.23.1, =16.23....

GHSA-8596-2JGR-PPJ7 Amazon Redshift JDBC Driver vulnerable to SQL Injection

Summary A SQL injection in the Amazon Redshift JDBC Driver in v2.1.0.31 allows a user to gain escalated privileges via schema injection in the getSchemas, getTables, or getColumns Metadata APIs. Users should upgrade to the driver version 2.1.0.32 or revert to driver version 2.1.0.30. Impact A SQL...

CVE-2024-12745

A SQL injection in the Amazon Redshift Python Connector v2.1.4 allows a user to gain escalated privileges via the getschemas, gettables, or getcolumns Metadata APIs. Users are recommended to upgrade to the driver version 2.1.5 or revert to driver version 2.1.3...

CVE-2024-12745

A SQL injection in the Amazon Redshift Python Connector v2.1.4 allows a user to gain escalated privileges via the getschemas, gettables, or getcolumns Metadata APIs. Users are recommended to upgrade to the driver version 2.1.5 or revert to driver version 2.1.3...