12 matches found
EUVD-2023-32301
Malicious code in bioql PyPI...
CVE-2023-28637
DataEase is an open source data visualization analysis tool. In Dataease users are normally allowed to modify data and the data sources are expected to properly sanitize data. The AWS redshift data source does not provide data sanitization which may lead to remote code execution. This vulnerabili...
AWS RedShift Python Connector Detection
Binary data pythonredshiftconnectordetect.nbin...
CVE-2023-28637
DataEase is an open source data visualization analysis tool. In Dataease users are normally allowed to modify data and the data sources are expected to properly sanitize data. The AWS redshift data source does not provide data sanitization which may lead to remote code execution. This vulnerabili...
Remote code execution
DataEase is an open source data visualization analysis tool. In Dataease users are normally allowed to modify data and the data sources are expected to properly sanitize data. The AWS redshift data source does not provide data sanitization which may lead to remote code execution. This vulnerabili...
CVE-2023-28637 DataEase AWS redshift data source exists for remote code execution vulnerability
DataEase is an open source data visualization analysis tool. In Dataease users are normally allowed to modify data and the data sources are expected to properly sanitize data. The AWS redshift data source does not provide data sanitization which may lead to remote code execution. This vulnerabili...
CVE-2023-28637 DataEase AWS redshift data source exists for remote code execution vulnerability
DataEase is an open source data visualization analysis tool. In Dataease users are normally allowed to modify data and the data sources are expected to properly sanitize data. The AWS redshift data source does not provide data sanitization which may lead to remote code execution. This vulnerabili...
CVE-2023-28637 DataEase AWS redshift data source exists for remote code execution vulnerability
DataEase is an open source data visualization analysis tool. In Dataease users are normally allowed to modify data and the data sources are expected to properly sanitize data. The AWS redshift data source does not provide data sanitization which may lead to remote code execution. This vulnerabili...
PT-2023-21865 · Dataease · Dataease
Name of the Vulnerable Software and Affected Versions: DataEase versions prior to 1.18.5 Description: DataEase is an open source data visualization analysis tool where users can modify data, and data sources are expected to sanitize data properly. However, the AWS redshift data source does not...
Duplicate Advisory: AWS Redshift JDBC Driver fails to validate class type during object instantiation
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-jc69-hjw2-fm86. This link is maintained to preserve external references. Original Description In Amazon AWS Redshift JDBC Driver aka amazon-redshift-jdbc-driver or redshift-jdbc42 before 2.1.0.8, the Object...
CVE-2022-41828
In Amazon AWS Redshift JDBC Driver aka amazon-redshift-jdbc-driver or redshift-jdbc42 before 2.1.0.8, the Object Factory does not check the class type when instantiating an object from a class name...
CVE-2022-41828
In Amazon AWS Redshift JDBC Driver aka amazon-redshift-jdbc-driver or redshift-jdbc42 before 2.1.0.8, the Object Factory does not check the class type when instantiating an object from a class name...