mirror of
https://github.com/hashicorp/vault.git
synced 2026-05-12 00:13:45 +02:00
8ba69fccb1
* VAULT-43691 - Fix SQL injection risk in HANA and Redshift DeleteUser revoke paths (#13741) HANA now safely quotes usernames as identifiers, and Redshift safely quotes usernames as string literals before constructing revoke/delete SQL. Added regression tests to ensure crafted usernames cannot inject additional SQL and that only the targeted user is deleted.