CVE-2024-45198
insightsoftware Spark JDBC 2.6.21 has a remote code execution vulnerability. Attackers can inject malicious parameters into the JDBC URL, triggering JNDI injection during the process when the JDBC Driver uses this URL to connect to the database. This can further lead to remote code execution.
Vendor
-
Product
-
CWE
Yayın Tarihi
2025-04-03 20:15:23
Güncelleme
2025-04-07 14:18:34
Source Identifier
cve@mitre.org
KEV Date Added
-