Количество 2
Количество 2
CVE-2025-12967
An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rds_superuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service (RDS) users. We recommend customers upgrade to the following versions: AWS JDBC Wrapper to v2.6.5, AWS Go Wrapper to 2025-10-17, AWS NodeJS Wrapper to v2.0.1, AWS Python Wrapper to v1.4.0 and AWS PGSQL ODBC driver to v1.0.1
GHSA-4jvf-wx3f-2x8q
AWS Advanced Python Wrapper: Privilege Escalation in Aurora PostgreSQL instance
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-12967 An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rds_superuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service (RDS) users. We recommend customers upgrade to the following versions: AWS JDBC Wrapper to v2.6.5, AWS Go Wrapper to 2025-10-17, AWS NodeJS Wrapper to v2.0.1, AWS Python Wrapper to v1.4.0 and AWS PGSQL ODBC driver to v1.0.1 | CVSS3: 8 | 0% Низкий | 3 месяца назад |
| GHSA-4jvf-wx3f-2x8q AWS Advanced Python Wrapper: Privilege Escalation in Aurora PostgreSQL instance | CVSS3: 8 | 0% Низкий | 3 месяца назад |
Уязвимостей на страницу