CVE-2026-35562
CVE-2026-35562
8.7
HighPublished:
Last updated:
Source:ff89ba41-3aa1-4d27-914a-91399e9639e5
Analyzed
Weakness (CWE)
CVSS Vector
v4.0- Attack Vector
- Network
- Attack Complexity
- Low
- Attack Requirements
- None
- Privileges Required
- None
- User Interaction
- None
- Confidentiality (Vulnerable)
- None
- Integrity (Vulnerable)
- None
- Availability (Vulnerable)
- High
- Confidentiality (Subsequent)
- None
- Integrity (Subsequent)
- None
- Availability (Subsequent)
- None
Description
Allocation of resources without limits in the parsing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to cause a denial of service by delivering crafted input that triggers excessive resource consumption during the driver's parsing operations. To remediate this issue, users should upgrade to version 2.1.0.0.
References
ff89ba41-3aa1-4d27-914a-91399e9639e5
https://aws.amazon.com/security/security-bulletins/2026-013-aws/ff89ba41-3aa1-4d27-914a-91399e9639e5
https://docs.aws.amazon.com/athena/latest/ug/odbc-v2-driver-release-notes.htmlff89ba41-3aa1-4d27-914a-91399e9639e5
https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Linux/AmazonAthenaODBC-2.1.0.0.rpmff89ba41-3aa1-4d27-914a-91399e9639e5
https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Mac/Intel/AmazonAthenaODBC-2.1.0.0_x86.pkgff89ba41-3aa1-4d27-914a-91399e9639e5
https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Mac/arm/AmazonAthenaODBC-2.1.0.0_arm.pkgff89ba41-3aa1-4d27-914a-91399e9639e5
https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Windows/AmazonAthenaODBC-2.1.0.0.msi