GHSA-JC69-HJW2-FM86 com.amazon.redshift:redshift-jdbc42 vulnerable to remote command execution

Impact A potential remote command execution issue exists within redshift-jdbc42 versions 2.1.0.7 and below. When plugins are used with the driver, it instantiates plugin instances based on Java class names provided via the sslhostnameverifier, socketFactory, sslfactory, and sslpasswordcallback...

GHSA-5C6Q-F783-H888 Duplicate Advisory: AWS Redshift JDBC Driver fails to validate class type during object instantiation

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-jc69-hjw2-fm86. This link is maintained to preserve external references. Original Description In Amazon AWS Redshift JDBC Driver aka amazon-redshift-jdbc-driver or redshift-jdbc42 before 2.1.0.8, the Object...

CVE-2022-41828

In Amazon AWS Redshift JDBC Driver aka amazon-redshift-jdbc-driver or redshift-jdbc42 before 2.1.0.8, the Object Factory does not check the class type when instantiating an object from a class name...

Phoenix Project Manager 2.1.0.8 - DLL Loading Arbitrary Code Execution

// source: https://www.securityfocus.com/bid/44198/info Phoenix Project Manager is prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location...