Vulnerabilities
Projects
Vulnerability Disclosure
About Us
Contact Us
Mend.io Vulnerability Database
What is a WS vulnerability ID?
What is an MSC vulnerability ID?
We found results for “”
CVE-2025-12967
Good to know:
Date: November 10, 2025
An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rds_superuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service (RDS) users. We recommend customers upgrade to the following versions: AWS JDBC Wrapper to v2.6.5, AWS Go Wrapper to 2025-10-17, AWS NodeJS Wrapper to v2.0.1, AWS Python Wrapper to v1.4.0 and AWS PGSQL ODBC driver to v1.0.1
Severity Score
Related Resources (16)
Severity Score
Weakness Type (CWE)
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
CWE-470Top Fix
Upgrade Version
Upgrade to version aws-advanced-nodejs-wrapper - 2.0.1;aws-advanced-python-wrapper - 1.4.0;aws-advanced-python-wrapper - 1.4.0;github.com/aws/aws-advanced-go-wrapper - v0.0.0-20251017102223-8a8ba4036f43;aws_advanced_python_wrapper - 1.4.0;software.amazon.jdbc:aws-advanced-jdbc-wrapper:2.6.5;https://github.com/aws/aws-pgsql-odbc.git - 1.0.1;https://github.com/aws/aws-advanced-nodejs-wrapper.git - 2.0.1;https://github.com/aws/aws-advanced-jdbc-wrapper.git - 2.6.5;https://github.com/aws/aws-advanced-python-wrapper.git - 1.4.0;https://github.com/aws/aws-advanced-go-wrapper.git - awssql/v1.1.1
CVSS v3.1
| Base Score: |
|
|---|---|
| Attack Vector (AV): | NETWORK |
| Attack Complexity (AC): | LOW |
| Privileges Required (PR): | LOW |
| User Interaction (UI): | REQUIRED |
| Scope (S): | UNCHANGED |
| Confidentiality (C): | HIGH |
| Integrity (I): | HIGH |
| Availability (A): | HIGH |