Go modules package
github.com/snowflakedb/gosnowflake
pkg:golang/github.com/snowflakedb/gosnowflake
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-46327 | — | >= 1.7.0, < 1.13.3 | 1.13.3 | Apr 28, 2025 | gosnowflake is the Snowflake Golang driver. Versions starting from 1.7.0 to before 1.13.3, are vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition. When using the Easy Logging feature on Linux and macOS, the Driver reads logging configuration from a user-provided | ||
| CVE-2023-34231 | — | < 1.6.19 | 1.6.19 | Jun 8, 2023 | gosnowflake is th Snowflake Golang driver. Prior to version 1.6.19, a command injection vulnerability exists in the Snowflake Golang driver via single sign-on (SSO) browser URL authentication. In order to exploit the potential for command injection, an attacker would need to be s |
- CVE-2025-46327Apr 28, 2025affected >= 1.7.0, < 1.13.3fixed 1.13.3
gosnowflake is the Snowflake Golang driver. Versions starting from 1.7.0 to before 1.13.3, are vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition. When using the Easy Logging feature on Linux and macOS, the Driver reads logging configuration from a user-provided
- CVE-2023-34231Jun 8, 2023affected < 1.6.19fixed 1.6.19
gosnowflake is th Snowflake Golang driver. Prior to version 1.6.19, a command injection vulnerability exists in the Snowflake Golang driver via single sign-on (SSO) browser URL authentication. In order to exploit the potential for command injection, an attacker would need to be s