High severityNVD Advisory· Published Sep 29, 2022· Updated May 20, 2025
CVE-2022-41828
CVE-2022-41828
Description
In Amazon AWS Redshift JDBC Driver (aka amazon-redshift-jdbc-driver or redshift-jdbc42) before 2.1.0.8, the Object Factory does not check the class type when instantiating an object from a class name.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
com.amazon.redshift:redshift-jdbc42Maven | < 2.1.0.8 | 2.1.0.8 |
Affected products
2Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-jc69-hjw2-fm86ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-41828ghsaADVISORY
- github.com/aws/amazon-redshift-jdbc-driver/commit/40b143b4698faf90c788ffa89f2d4d8d2ad068b5ghsaWEB
- github.com/aws/amazon-redshift-jdbc-driver/commit/9999659bbc9f3d006fb02a0bf39d5bcf3b503605ghsaWEB
- github.com/aws/amazon-redshift-jdbc-driver/security/advisories/GHSA-jc69-hjw2-fm86ghsaWEB
News mentions
0No linked articles in our index yet.