Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2025-12967
PUBLISHED
More InfoOfficial Page
Assigner-AMZN
Assigner Org ID-ff89ba41-3aa1-4d27-914a-91399e9639e5
View Known Exploited Vulnerability (KEV) details
Published At-10 Nov, 2025 | 18:09
Updated At-26 Feb, 2026 | 17:47
Rejected At-
▼CVE Numbering Authority (CNA)

An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rds_superuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service (RDS) users. We recommend customers upgrade to the following versions: AWS JDBC Wrapper to v2.6.5, AWS Go Wrapper to 2025-10-17, AWS NodeJS Wrapper to v2.0.1, AWS Python Wrapper to v1.4.0 and AWS PGSQL ODBC driver to v1.0.1

Affected Products
Vendor
AWS
Product
JDBC Wrapper
Default Status
unaffected
Versions
Unaffected
  • 2.6.5
Vendor
AWS
Product
Go Wrapper
Default Status
unaffected
Versions
Unaffected
  • 2025-10-17
Vendor
AWS
Product
NodeJS Wrapper
Default Status
unaffected
Versions
Unaffected
  • 2.0.1
Vendor
AWS
Product
Python Wrapper
Default Status
unaffected
Versions
Unaffected
  • 1.4.0
Vendor
AWS
Product
ODBC driver
Default Status
unaffected
Versions
Affected
  • 1.0.1
Problem Types
TypeCWE IDDescription
CWECWE-470CWE-470 Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
Type: CWE
CWE ID: CWE-470
Description: CWE-470 Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
Metrics
VersionBase scoreBase severityVector
4.08.6HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3.18.0HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Version: 4.0
Base score: 8.6
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 3.1
Base score: 8.0
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-233CAPEC-233 Privilege Escalation
CAPEC ID: CAPEC-233
Description: CAPEC-233 Privilege Escalation
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://aws.amazon.com/security/security-bulletins/AWS-2025-028/
vendor-advisory
https://github.com/aws/aws-advanced-jdbc-wrapper/releases/tag/2.6.5
patch
https://github.com/aws/aws-advanced-go-wrapper/releases/tag/release-2025-10-17
patch
https://github.com/aws/aws-advanced-python-wrapper/releases/tag/1.4.0
patch
https://github.com/aws/aws-pgsql-odbc/releases/tag/1.0.1
patch
https://github.com/aws/aws-advanced-nodejs-wrapper/releases/tag/2.0.1
patch
https://github.com/aws/aws-advanced-python-wrapper/security/advisories/GHSA-4jvf-wx3f-2x8q
vendor-advisory
https://github.com/aws/aws-advanced-jdbc-wrapper/security/advisories/GHSA-7xw4-g7mm-r4hh
vendor-advisory
https://github.com/aws/aws-pgsql-odbc/security/advisories/GHSA-q327-fgm8-7mxf
vendor-advisory
https://github.com/aws/aws-advanced-go-wrapper/security/advisories/GHSA-7wq2-32h4-9hc9
vendor-advisory
https://github.com/aws/aws-advanced-nodejs-wrapper/security/advisories/GHSA-8wj8-cfxr-9374
vendor-advisory
Hyperlink: https://aws.amazon.com/security/security-bulletins/AWS-2025-028/
Resource:
vendor-advisory
Hyperlink: https://github.com/aws/aws-advanced-jdbc-wrapper/releases/tag/2.6.5
Resource:
patch
Hyperlink: https://github.com/aws/aws-advanced-go-wrapper/releases/tag/release-2025-10-17
Resource:
patch
Hyperlink: https://github.com/aws/aws-advanced-python-wrapper/releases/tag/1.4.0
Resource:
patch
Hyperlink: https://github.com/aws/aws-pgsql-odbc/releases/tag/1.0.1
Resource:
patch
Hyperlink: https://github.com/aws/aws-advanced-nodejs-wrapper/releases/tag/2.0.1
Resource:
patch
Hyperlink: https://github.com/aws/aws-advanced-python-wrapper/security/advisories/GHSA-4jvf-wx3f-2x8q
Resource:
vendor-advisory
Hyperlink: https://github.com/aws/aws-advanced-jdbc-wrapper/security/advisories/GHSA-7xw4-g7mm-r4hh
Resource:
vendor-advisory
Hyperlink: https://github.com/aws/aws-pgsql-odbc/security/advisories/GHSA-q327-fgm8-7mxf
Resource:
vendor-advisory
Hyperlink: https://github.com/aws/aws-advanced-go-wrapper/security/advisories/GHSA-7wq2-32h4-9hc9
Resource:
vendor-advisory
Hyperlink: https://github.com/aws/aws-advanced-nodejs-wrapper/security/advisories/GHSA-8wj8-cfxr-9374
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found