CVE-2025-5874

A vulnerability was found in Redash up to 10.1.0/25.1.0. It has been rated as critical. This issue affects the function run_query of the file /query_runner/python.py of the component getattr Handler. The manipulation leads to sandbox issue. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Configurations

No configuration.

History

09 Jun 2025, 11:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-06-09 11:15

Updated : 2025-06-09 12:15


NVD link : CVE-2025-5874

Mitre link : CVE-2025-5874

CVE.ORG link : CVE-2025-5874


JSON object : View

Products Affected

No product.

CWE
CWE-264

Permissions, Privileges, and Access Controls

CWE-265

Privilege Issues