VYPR

Maven package

com.databricks/databricks-jdbc

pkg:maven/com.databricks/databricks-jdbc

Vulnerabilities (1)

  • CVE-2024-49194HigDec 17, 2024
    affected >= 2.0, < 2.6.40fixed 2.6.40

    Databricks JDBC Driver 2.x before 2.6.40 could potentially allow remote code execution (RCE) by triggering a JNDI injection via a JDBC URL parameter. The vulnerability is rooted in the improper handling of the krbJAASFile parameter. An attacker could potentially exploit this vuln