AWS Advanced NodeJS Wrapper: Privilege Escalation in Aurora PostgreSQL instance
Description of Vulnerability: An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rds_superuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service (RDS) users. AWS recommends that customers upgrade to the following version: AWS NodeJS Wrapper to v2.0.1. Source of Vulnerability Report: Allistair Ishmael Hakim allistair.hakim@gmail.com Affected products & versions: …