PyPI package
snowflake-connector-python
pkg:pypi/snowflake-connector-python
Vulnerabilities (6)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-24795 | — | >= 2.3.7, < 3.13.1 | 3.13.1 | Jan 29, 2025 | The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. On Linux systems, when tempora | ||
| CVE-2025-24794 | — | >= 2.7.12, < 3.13.1 | 3.13.1 | Jan 29, 2025 | The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. The OCSP response cache uses p | ||
| CVE-2025-24793 | — | >= 2.2.5, < 3.13.1 | 3.13.1 | Jan 29, 2025 | The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. A function from the snowflake. | ||
| CVE-2024-49750 | — | < 3.12.3 | 3.12.3 | Oct 24, 2024 | The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Prior to version 3.12.3, when the logging level was set by the user to DEBUG, the Connector could have logged Duo passcod | ||
| CVE-2023-34233 | — | < 3.0.2 | 3.0.2 | Jun 8, 2023 | The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Versions prior to 3.0.2 are vulnerable to command injection via single sign-on(SSO) browser URL authentication. In order | ||
| CVE-2022-42965 | — | < 2.8.2 | 2.8.2 | Nov 9, 2022 | An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the undocumented get_file_transfer_type method |
- CVE-2025-24795Jan 29, 2025affected >= 2.3.7, < 3.13.1fixed 3.13.1
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. On Linux systems, when tempora
- CVE-2025-24794Jan 29, 2025affected >= 2.7.12, < 3.13.1fixed 3.13.1
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. The OCSP response cache uses p
- CVE-2025-24793Jan 29, 2025affected >= 2.2.5, < 3.13.1fixed 3.13.1
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. A function from the snowflake.
- CVE-2024-49750Oct 24, 2024affected < 3.12.3fixed 3.12.3
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Prior to version 3.12.3, when the logging level was set by the user to DEBUG, the Connector could have logged Duo passcod
- CVE-2023-34233Jun 8, 2023affected < 3.0.2fixed 3.0.2
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Versions prior to 3.0.2 are vulnerable to command injection via single sign-on(SSO) browser URL authentication. In order
- CVE-2022-42965Nov 9, 2022affected < 2.8.2fixed 2.8.2
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the undocumented get_file_transfer_type method