
GHSA-m494-w24q-6f7w

GitHub Security Advisory

JDBC Driver for SQL Server has improper input validation issue

✓ GitHub Reviewed | HIGH | Has CVE

Advisory Details

Improper input validation in JDBC Driver for SQL Server allows an unauthorized attacker to perform spoofing over a network.

Affected Packages

Maven com.microsoft.sqlserver:mssql-jdbc
Affected versions: 0.2.0-SNAPSHOT.jre11-preview (fixed in 10.2.4.jre11)
Maven com.microsoft.sqlserver:mssql-jdbc
Affected versions: 11.2.0.jre11 (fixed in 11.2.4.jre11)
Maven com.microsoft.sqlserver:mssql-jdbc
Affected versions: 12.2.0.jre11 (fixed in 12.2.1.jre11)
Maven com.microsoft.sqlserver:mssql-jdbc
Affected versions: 12.6.0.jre11 (fixed in 12.6.5.jre11)
Maven com.microsoft.sqlserver:mssql-jdbc
Affected versions: 12.8.0.jre11 (fixed in 12.8.2.jre11)
Maven com.microsoft.sqlserver:mssql-jdbc
Affected versions: 12.10.0.jre11 (fixed in 12.10.2.jre11)
Maven com.microsoft.sqlserver:mssql-jdbc
Affected versions: 13.2.0.jre11 (fixed in 13.2.1.jre11)

Related CVEs

Key Information

GHSA ID: GHSA-m494-w24q-6f7w
Published: October 14, 2025 6:30 PM
Last Modified: November 5, 2025 5:26 PM
CVSS Score: 7.5/10
Primary Ecosystem: Maven
Primary Package: com.microsoft.sqlserver:mssql-jdbc
GitHub Reviewed: ✓ Yes

Dataset

Last updated: November 24, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.