Lucene search
K
AmazonAthena Odbc

6 matches found

CVE
CVE
added 2026/04/03 8:13 p.m.24 views

CVE-2026-5485

CVE-2026-5485 affects the Amazon Athena ODBC driver on Linux, specifically the browser-based authentication component prior to version 2.0.5.1. The issue allows OS command injection via specially crafted connection parameters loaded during a local user-initiated connection, enabling potential arb...

7.8CVSS6.3AI score0.00727EPSS
CVE
CVE
added 2026/04/03 8:10 p.m.13 views

CVE-2026-35561

CVE-2026-35561 affects the Amazon Athena ODBC driver (before 2.1.0.0) due to insufficient authentication controls in browser-based authentication components. This could allow a threat actor to intercept or hijack authentication sessions. Impact is stated as high/critical depending on metric, with...

9.8CVSS5.9AI score0.00473EPSS
CVE
CVE
added 2026/04/03 8:10 p.m.12 views

CVE-2026-35562

CVE-2026-35562 affects the Amazon Athena ODBC driver prior to version 2.1.0.0, where allocations of resources in the parsing components may be unbounded, enabling a threat actor to induce a denial of service via crafted input during parsing. Affected platforms include Windows, Linux, and macOS bu...

8.7CVSS5.9AI score0.00379EPSS
CVE
CVE
added 2026/04/03 8:13 p.m.11 views

CVE-2026-35559

CVE-2026-35559 affects the Amazon Athena ODBC driver. The issue is an out-of-bounds write in the driver’s query processing components prior to version 2.1.0.0, which could crash the driver when processing specially crafted data during queries. Remediation: upgrade to version 2.1.0.0 or later. If ...

7.1CVSS5.9AI score0.00271EPSS
CVE
CVE
added 2026/04/03 8:10 p.m.11 views

CVE-2026-35560

Affected software: Amazon Athena ODBC Driver prior to 2.1.0.0. Issue: Improper certificate validation in the identity provider connection components can enable a man‑in‑the‑middle attack to intercept authentication credentials when connecting to external identity providers. Impact: Credential int...

9.1CVSS5.9AI score0.00261EPSS
CVE
CVE
added 2026/04/03 8:15 p.m.9 views

CVE-2026-35558

Affected software: Amazon Athena ODBC driver (pre-2.1.0.0). Issue: Improper neutralization of special elements in authentication components during user-initiated authentication, enabling a threat actor to execute arbitrary code or redirect authentication flows with specially crafted connection pa...

7.8CVSS6.3AI score0.00274EPSS