AWS Latest Bulletins
CVE-2025-5279 - Issue with Amazon Redshift Python Connector and the BrowserAzureOAuth2CredentialsProvider plugin
The Amazon Redshift Python Connector is a pure Python connector that implements the Python Database API 2.0. An issue, identified as CVE-2025-5279, was found in the Amazon Redshift Python Connector versions 2.0.872 through 2.1.6. The issue occurs when the connector is configured with the BrowserAzureOAuth2CredentialsProvider plugin, which skips SSL certificate validation for the Identity Provider. Because the Identity Provider's certificate is never validated, an actor able to intercept the connection can impersonate the Identity Provider, capture the token exchange, and retrieve an access token. The issue has been addressed in driver version 2.1.7. Users should upgrade to that version and ensure any forked or derivative code is patched. For security questions or concerns, email [email protected]. The issue has been referenced as CVE-2025-5279 and GHSA-r244-wg5g-6w2r.
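As an added illustration, not code from the connector or from AWS, the following Python models the weakness the bulletin describes: a token exchange with the Identity Provider made over a TLS context that skips certificate and hostname validation, beside the hardened default context, plus an audit helper and a check for whether an installed connector version falls in the affected range. The token endpoint, client ID, code and redirect URI are placeholders, and the network call in `exchange_code_for_token` is not invoked by the self-check; only the version check and the context audit run offline.

```python
import json
import ssl
import urllib.parse
import urllib.request

# Affected range from the bulletin: 2.0.872 through 2.1.6 inclusive; fixed in 2.1.7.
AFFECTED_FIRST = (2, 0, 872)
FIXED_IN = (2, 1, 7)


def parse_version(version: str) -> tuple:
    """Turn '2.1.6' into (2, 1, 6) so versions compare numerically, not lexically."""
    return tuple(int(part) for part in version.strip().split("."))


def is_affected_version(version: str) -> bool:
    """True when a connector release falls inside the vulnerable range."""
    return AFFECTED_FIRST <= parse_version(version) < FIXED_IN


def make_idp_ssl_context(skip_verify: bool) -> ssl.SSLContext:
    """Build the TLS context for the Identity Provider connection.

    skip_verify=True reproduces the weak behaviour the bulletin describes
    (no chain validation, no hostname check); skip_verify=False is the
    hardened form, i.e. Python's default verifying context.
    """
    ctx = ssl.create_default_context()
    if skip_verify:
        ctx.check_hostname = False       # must be cleared before CERT_NONE is allowed
        ctx.verify_mode = ssl.CERT_NONE  # any certificate, including an attacker's, is accepted
    return ctx


def audit_ssl_context(ctx: ssl.SSLContext) -> list:
    """Return findings that would let an on-path actor impersonate the IdP."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("certificate validation disabled")
    if not ctx.check_hostname:
        findings.append("hostname verification disabled")
    return findings


def exchange_code_for_token(token_endpoint: str, code: str, client_id: str,
                            redirect_uri: str, ctx: ssl.SSLContext) -> dict:
    """OAuth2 authorization-code exchange against a placeholder token endpoint.

    With a weak ctx, whoever answers for the endpoint (a spoofed host on the
    path) receives the code and can hand back or harvest an access token; with
    the default context the connection fails unless the peer presents a valid
    certificate for the IdP hostname.
    """
    body = urllib.parse.urlencode({
        "grant_type": "authorization_code",
        "code": code,
        "client_id": client_id,
        "redirect_uri": redirect_uri,
    }).encode()
    req = urllib.request.Request(token_endpoint, data=body, method="POST")
    with urllib.request.urlopen(req, context=ctx, timeout=10) as resp:
        return json.loads(resp.read())


if __name__ == "__main__":
    for v in ("2.0.871", "2.0.872", "2.1.6", "2.1.7"):
        print(v, "affected" if is_affected_version(v) else "not affected")
    print("weak context:", audit_ssl_context(make_idp_ssl_context(skip_verify=True)))
    print("hardened context:", audit_ssl_context(make_idp_ssl_context(skip_verify=False)))
```

The audit helper is the check worth carrying into a fork or wrapper of the connector: any code path that hands an `SSLContext` with `CERT_NONE` or `check_hostname=False` to the Identity Provider request turns the OAuth token exchange into something an on-path actor can redirect to a host of their choosing.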