CVE-2025-12967 | Amazon JDBC Wrapper up to 2.6.4 Relational Database Service externally-controlled input to select classes or code (GHSA-7wq2-32h4-9hc9)

A vulnerability described as critical has been identified in Amazon JDBC Wrapper, Go Wrapper, NodeJS Wrapper, Python Wrapper and ODBC driver up to 2.6.4. The impacted element is an unknown function of the component Relational Database Service. Executing manipulation can lead to use of externally-controlled input to select classes or code.

This vulnerability is handled as CVE-2025-12967. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More