com.amazon.redshift:redshift-jdbc42

Maven4 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting com.amazon.redshift:redshift-jdbc42page 1 of 1

CVE-2022-41828HIGHCVSS 8.1EG 8.1✓ Fixed in 2.1.0.8
2022-09-29
vulnerable: 2.0.0.3 ... 2.1.0.7 (12 versions)
In Amazon AWS Redshift JDBC Driver (aka amazon-redshift-jdbc-driver or redshift-jdbc42) before 2.1.0.8, the Object Factory does not check the class type when instantiating an object from a class name.
CVE-2024-12744HIGHCVSS 8.0EG 8.0✓ Fixed in 2.1.0.32
2024-12-24
vulnerable: 2.1.0.31
A SQL injection in the Amazon Redshift JDBC Driver in v2.1.0.31 allows a user to gain escalated privileges via the getSchemas, getTables, or getColumns Metadata APIs. Users should upgrade to the driver version 2.1.0.32 or revert to driver …
CVE-2024-32888CRITICALCVSS 10.0EG 10.0✓ Fixed in 2.1.0.28
2024-05-15
vulnerable: 2.0.0.3 ... 2.1.0.9 (32 versions)
The Amazon JDBC Driver for Redshift is a Type 4 JDBC driver that provides database connectivity through the standard JDBC application program interfaces (APIs) available in the Java Platform, Enterprise Editions. Prior to version 2.1.0.28,…
CVE-2026-8178HIGHCVSS 8.1EG 8.1✓ Fixed in 2.2.2
2026-05-08
vulnerable: 2.0.0.3 ... 2.2.1 (41 versions)
An issue exists in Amazon Redshift JDBC Driver versions prior to 2.2.2. Under certain conditions, the driver could load and execute arbitrary classes when processing JDBC connection URL parameters. An actor who can influence the connection…

Check whether com.amazon.redshift:redshift-jdbc42 is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for com.amazon.redshift:redshift-jdbc42 CVEs against the assets you own.

Start Free Scan →