x/vulndb: potential Go vuln in github.com/aws/aws-advanced-go-wrapper/awssql: GHSA-7wq2-32h4-9hc9 #4119
Description
Advisory GHSA-7wq2-32h4-9hc9 references a vulnerability in the following Go modules:
| Module |
|---|
| github.com/aws/aws-advanced-go-wrapper/awssql |
Description:
Description of Vulnerability:
An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rds_superuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service (RDS) users.
AWS recommends customers upgrade to the following versions: AWS Go Wrapper to 2025-10-17.
Source of Vulnerability Report:
Allistair Ishmael Hakim [email protected]
Affected products & versions:
AWS Go Wrapper < 2025-10-17.
Pl...
References:
- ADVISORY: GHSA-7wq2-32h4-9hc9
- ADVISORY: GHSA-7wq2-32h4-9hc9
- FIX: aws/aws-advanced-go-wrapper@7b405f9
- FIX: chore: refactor sql queries to be fully qualified aws/aws-advanced-go-wrapper#270
No existing reports found with this module or alias.
See doc/quickstart.md for instructions on how to triage this report.
id: GO-ID-PENDING
modules:
- module: github.com/aws/aws-advanced-go-wrapper/awssql
versions:
- fixed: 1.1.1
vulnerable_at: 1.1.1-rc
summary: 'AWS Advanced Go Wrapper: Privilege Escalation in Aurora PostgreSQL Instance in github.com/aws/aws-advanced-go-wrapper/awssql'
ghsas:
- GHSA-7wq2-32h4-9hc9
references:
- advisory: https://github.com/advisories/GHSA-7wq2-32h4-9hc9
- advisory: https://github.com/aws/aws-advanced-go-wrapper/security/advisories/GHSA-7wq2-32h4-9hc9
- fix: https://github.com/aws/aws-advanced-go-wrapper/commit/7b405f95fe71db644cd8336ba5fa28b41e89d03e
- fix: https://github.com/aws/aws-advanced-go-wrapper/pull/270
source:
id: GHSA-7wq2-32h4-9hc9
created: 2025-11-13T23:01:11.215045335Z
review_status: UNREVIEWED