Vulners
Lucene search
AmazonAmazon Web Services Redshift Java Database Connectivity Driver
2 matches found
CVE-2022-41828
Summary: CVE-2022-41828 concerns the Amazon AWS Redshift JDBC Driver (redshift-jdbc42) prior to 2.1.0.8, where the Object Factory does not validate the target class type before instantiation, enabling potential remote code execution via crafted class names. Connected documents show concrete detai...
8.8CVSS7.9AI score0.01469EPSS
Web
CVE-2024-12744
CVE-2024-12744 affects the Amazon Redshift JDBC Driver v2.1.0.31, where a SQL injection via the getSchemas, getTables, or getColumns metadata APIs can grant escalated privileges. The issue is fixed in driver v2.1.0.32; guidance is to upgrade to 2.1.0.32 or revert to 2.1.0.30. Exploitation details...
8.6CVSS8.4AI score0.00579EPSS