VYPR

HANA JDBC Client

by SAP

CVEs (2)

  • CVE-2025-42895MedNov 11, 2025
    risk 0.45cvss 6.9epss 0.00

    Due to insufficient validation of connection property values, the SAP HANA JDBC Client allows a high-privilege locally authenticated user to supply crafted parameters that lead to unauthorized code loading, resulting in low impact on confidentiality and integrity and high impact…

  • CVE-2024-45277MedOct 8, 2024
    risk 0.28cvss 4.3epss 0.01

    The SAP HANA Node.js client package versions from 2.0.0 before 2.21.31 is impacted by Prototype Pollution vulnerability allowing an attacker to add arbitrary properties to global object prototypes. This is due to improper user input sanitation when using the nestTables feature…