An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Redshift JDBC Driver 1.2.40 through 1.2.55 may allow a local user to execute code. NOTE: this is different from CVE-2022-29972.Referenceshttps://www.magnitude.com/products/data-connectivityhttps://insightsoftware.com/trust/security/advisories/redshift-and-athena-driver-vulnerability/https://insightsoftware.com/trust/security/advisories/redshift-and-athena-driver-vulnerability/
