VYPR

PyPI package

snowflake-connector-python

pkg:pypi/snowflake-connector-python

Vulnerabilities (6)

  • CVE-2025-24795Jan 29, 2025
    affected >= 2.3.7, < 3.13.1fixed 3.13.1

    The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. On Linux systems, when tempora

  • CVE-2025-24794Jan 29, 2025
    affected >= 2.7.12, < 3.13.1fixed 3.13.1

    The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. The OCSP response cache uses p

  • CVE-2025-24793Jan 29, 2025
    affected >= 2.2.5, < 3.13.1fixed 3.13.1

    The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. A function from the snowflake.

  • CVE-2024-49750Oct 24, 2024
    affected < 3.12.3fixed 3.12.3

    The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Prior to version 3.12.3, when the logging level was set by the user to DEBUG, the Connector could have logged Duo passcod

  • CVE-2023-34233Jun 8, 2023
    affected < 3.0.2fixed 3.0.2

    The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Versions prior to 3.0.2 are vulnerable to command injection via single sign-on(SSO) browser URL authentication. In order

  • CVE-2022-42965Nov 9, 2022
    affected < 2.8.2fixed 2.8.2

    An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the undocumented get_file_transfer_type method