38 matches found
AWS RedShift Python Connector Detection
Binary data pythonredshiftconnectordetect.nbin...
GHSA-8GC2-VQ6M-RWJW Amazon Redshift Python Connector vulnerable to SQL Injection
Summary A SQL injection in the Amazon Redshift Python Connector in version 2.1.4 allows a user to gain escalated privileges via schema injection in the getschemas, gettables, or getcolumns Metadata APIs. Users should upgrade to the driver version 2.1.5 or revert to driver version 2.1.3. Impact A...
Amazon Redshift Python Connector vulnerable to SQL Injection
Summary A SQL injection in the Amazon Redshift Python Connector in version 2.1.4 allows a user to gain escalated privileges via schema injection in the getschemas, gettables, or getcolumns Metadata APIs. Users should upgrade to the driver version 2.1.5 or revert to driver version 2.1.3. Impact A...
CVE-2024-12745
A SQL injection in the Amazon Redshift Python Connector v2.1.4 allows a user to gain escalated privileges via the getschemas, gettables, or getcolumns Metadata APIs. Users are recommended to upgrade to the driver version 2.1.5 or revert to driver version 2.1.3...
CVE-2024-12745
A SQL injection in the Amazon Redshift Python Connector v2.1.4 allows a user to gain escalated privileges via the getschemas, gettables, or getcolumns Metadata APIs. Users are recommended to upgrade to the driver version 2.1.5 or revert to driver version 2.1.3...
CVE-2024-12745 SQL Injection in the Amazon Redshift Python Connector affecting v2.1.4
A SQL injection in the Amazon Redshift Python Connector v2.1.4 allows a user to gain escalated privileges via the getschemas, gettables, or getcolumns Metadata APIs. Users are recommended to upgrade to the driver version 2.1.5 or revert to driver version 2.1.3...
CVE-2024-12745 SQL Injection in the Amazon Redshift Python Connector affecting v2.1.4
A SQL injection in the Amazon Redshift Python Connector v2.1.4 allows a user to gain escalated privileges via the getschemas, gettables, or getcolumns Metadata APIs. Users are recommended to upgrade to the driver version 2.1.5 or revert to driver version 2.1.3...
CVE-2024-12745
Summary: CVE-2024-12745 affects the Amazon Redshift Python Connector (version 2.1.4). The vulnerability is a SQL injection occurring through the metadata APIs get_schemas, get_tables, and get_columns, potentially enabling elevated privileges. Impact and remediation: Upgrade to driver version 2.1....
PT-2024-10194
Name of the Vulnerable Software and Affected Versions Amazon Redshift Python Connector version 2.1.4 Description A SQL injection in the Amazon Redshift Python Connector allows a user to gain escalated privileges via the get schemas, get tables, or get columns Metadata APIs. Recommendations For...
OPENSUSE-SU-2024:11240-1 python36-mysql-connector-python-8.0.19-2.9 on GA media
These are all security issues fixed in the python36-mysql-connector-python-8.0.19-2.9 package on the GA media of openSUSE Tumbleweed...
CVE-2023-46666
An issue was discovered when using Document Level Security and the SPO "Limited Access" functionality in Elastic Sharepoint Online Python Connector. If a user is assigned limited access permissions to an item on a Sharepoint site then that user would have read permissions to all content on the...
Code injection
An issue was discovered when using Document Level Security and the SPO "Limited Access" functionality in Elastic Sharepoint Online Python Connector. If a user is assigned limited access permissions to an item on a Sharepoint site then that user would have read permissions to all content on the...
CVE-2023-46666
Summary: CVE-2023-46666 affects Elastic Sharepoint Online Python Connector. The issue arises when using Document Level Security with the SPO “Limited Access” feature: a user granted limited access to a single item could read all content on the SharePoint site through Elasticsearch. Affected compo...
Elastic Sharepoint Online Python Connector v8.10.3.0 Security Update
Elastic Sharepoint Online Python Connector Improper Access Control ESA-2023-18 An issue was discovered when using Document Level Security and the SPO "Limited Access" functionality in Elastic Sharepoint Online Python Connector. If a user is assigned limited access permissions to an item on a...
PYSEC-2023-88
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Versions prior to 3.0.2 are vulnerable to command injection via single sign-onSSO browser URL authentication. In order to exploit the...
CVE-2023-34233 Snowflake Python Connector vulnerable to Command Injection
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Versions prior to 3.0.2 are vulnerable to command injection via single sign-onSSO browser URL authentication. In order to exploit the...
Oracle MySQL Python Connector (Jan 2023 CPU)
The versions of Python Connector installed on the remote host are affected by a vulnerability as referenced in the January 2023 CPU advisory. Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multipl...
OPENSUSE-SU-2020:0409-1 Security update for python-mysql-connector-python
This update for python-mysql-connector-python fixes the following issues: python-mysql-connector-python was updated to 8.0.19 boo1122204 - CVE-2019-2435: - WL13531: Remove xplugin namespace - WL13372: DNS SRV support - WL12738: Specify TLS ciphers to be used by a client or session - BUG30270760:...