3 matches found
@hulumi/drift: Orphan reconciler accepted externally supplied execute plans
Impact: @hulumi/drift versions before 1.3.2 could accept externally supplied execute plans without sufficient provenance checks, allowing unsafe reconciliation input to be treated as trusted. Patched in 1.3.2: execute-plan handling now validates provenance and rejects untrusted plans, with...
CVE-2025-24975 Firebird Non-Authorized Access to Encrypted Database Using Execute Statement on External
Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if ExtConnPoolSize is not set equal to 0. If connections stored in ExtConnPool are not verified for presence and suitability of the CryptCallback interface is used when...
CVE-2025-24975 Firebird Non-Authorized Access to Encrypted Database Using Execute Statement on External
Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if ExtConnPoolSize is not set equal to 0. If connections stored in ExtConnPool are not verified for presence and suitability of the CryptCallback interface is used when...