EUVD-2026-30803

amazon-redshift-python-driver vulnerable to Remote Code Execution via eval Injection...

Arbitrary Code Injection

Overview redshift-connector is a Redshift interface library Affected versions of this package are vulnerable to Arbitrary Code Injection due to the use of eval on untrusted data received from the server, in the vectorin function. An attacker can execute arbitrary code on the client system by...

CVE-2026-8838 Remote Code Execution via eval() Injection in amazon-redshift-python-driver

Unsafe use of Python's eval on server-received data in the vectorin function in amazon-redshift-python-driver before 2.1.14 allows a rogue server or man-in-the-middle actor to execute arbitrary code on the client. To remediate this issue, users should upgrade to version 2.1.14...

Amazon Redshift Python Connector 代码注入漏洞

The Amazon Redshift Python Connector is a Python-compatible connector for Amazon Redshift developed by Amazon, Inc. Versions of the Amazon Redshift Python Connector prior to version 2.1.14 contained a code injection vulnerability. This vulnerability stemmed from the unsafe use of the Python eval...

PT-2026-41734

Name of the Vulnerable Software and Affected Versions amazon-redshift-python-driver versions prior to 2.1.14 Description Unsafe use of Python's eval function on data received from a server within the vector in function allows a rogue server or man-in-the-middle actor to execute arbitrary code on...