CVE-2024-12745 | Amazon Redshift Python Connector 2.1.4 Metadata API get_schemas/get_tables/get_columns sql injection

Inserito da Angelo Barbosa | Dic 24, 2024 | CVE

A vulnerability has been found in Amazon Redshift Python Connector 2.1.4 and classified as critical. This vulnerability affects the function get_schemas/get_tables/get_columns of the component Metadata API. The manipulation leads to sql injection.

This vulnerability was named CVE-2024-12745. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-12745 | Amazon Redshift Python Connector 2.1.4 Metadata API get_schemas/get_tables/get_columns sql injection

Post correlati

CVE-2024-1391 | webtechstreet Elementor Addon Elements Plugin up to 1.12.12 on WordPress eae_custom_overlay_switcher cross site scripting

CVE-2021-47379 | Linux Kernel up to 5.4.149/5.10.69/5.14.8 blk-cgroup bfq_io_set_weight_legacy use after free

CVE-2024-25913 | MoveTo Plugin up to 6.2 on WordPress unrestricted upload

CVE-2023-34873 | Mobotix Mx6 v26 tcpdump expression/command delimiters (icsa-24-235-03)