VYPR

Go modules package

github.com/snowflakedb/gosnowflake

pkg:golang/github.com/snowflakedb/gosnowflake

Vulnerabilities (2)

  • CVE-2025-46327Apr 28, 2025
    affected >= 1.7.0, < 1.13.3fixed 1.13.3

    gosnowflake is the Snowflake Golang driver. Versions starting from 1.7.0 to before 1.13.3, are vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition. When using the Easy Logging feature on Linux and macOS, the Driver reads logging configuration from a user-provided

  • CVE-2023-34231Jun 8, 2023
    affected < 1.6.19fixed 1.6.19

    gosnowflake is th Snowflake Golang driver. Prior to version 1.6.19, a command injection vulnerability exists in the Snowflake Golang driver via single sign-on (SSO) browser URL authentication. In order to exploit the potential for command injection, an attacker would need to be s