Aws Advanced Jdbc Wrapper Aws Advanced Jdbc Wrapper

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Aws Advanced Jdbc Wrapper.

By the Year

In 2026 there have been 2 vulnerabilities in Aws Advanced Jdbc Wrapper with an average score of 7.8 out of ten.

Year Vulnerabilities Average Score
2026 2 7.75

It may take a day or so for new Aws Advanced Jdbc Wrapper vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Aws Advanced Jdbc Wrapper Security Vulnerabilities

AWS Advanced JDBC Wrapper 3.3-4.0 RemoteQueryCachePlugin Deserialization RCE
CVE-2026-14265 7.5 - High - July 01, 2026

Deserialization of untrusted data in the RemoteQueryCachePlugin in Amazon Web Services AWS Advanced JDBC Wrapper 3.3.0 through 4.0.0 might allow an actor with write access to the shared cache infrastructure to execute arbitrary code on application servers that read cached query results via a crafted serialized Java object. The RemoteQueryCachePlugin uses ObjectInputStream without class filtering when deserializing cached query results from Redis or Valkey, enabling gadget chain execution when cache entries are poisoned. We recommend upgrading to AWS Advanced JDBC Wrapper version 4.0.1 or later.

Marshaling, Unmarshaling

AWS Advanced JDBC Wrapper 4.0.0 GlobalDatabasePlugin Search Path Escalation
CVE-2026-11400 8 - High - June 05, 2026

An untrusted search path issue in the GlobalDatabasePlugin in the AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL will allow a remote authenticated low-privilege actor to escalate privileges to those of another Amazon RDS user, including rds_superuser, via a crafted function created by the actor that runs when that user connects to the cluster through an affected wrapper. To remediate this issue, users should upgrade to AWS Advanced JDBC Wrapper version 4.0.1.

Untrusted Path

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Aws Advanced Jdbc Wrapper or by Aws? Click the Watch button to subscribe.

Aws
Vendor

subscribe