VYPR

PyPI package

redshift-connector

pkg:pypi/redshift-connector

Vulnerabilities (1)

  • CVE-2025-5279HigMay 27, 2025
    affected >= 2.0.872, < 2.1.7fixed 2.1.7

    When the Amazon Redshift Python Connector is configured with the BrowserAzureOAuth2CredentialsProvider plugin, the driver skips the SSL certificate validation step for the Identity Provider. An insecure connection could allow an actor to intercept the token exchange process and r