📦 Snowflake Connector

The Snowflake Connector for Python contains a SQL injection vulnerability in the snowflake.connector.pandas_tools module. This allows attackers to execute arbitrary SQL commands on Snowflake databases...

The Snowflake Connector for .NET is vulnerable to command injection via SSO URL authentication, allowing remote code execution if an attacker tricks a user into visiting a maliciously crafted connecti...

The Snowflake Connector for Python versions before 3.0.2 are vulnerable to command injection through SSO browser URL authentication. An attacker can set up a malicious server and trick users into visi...

The Snowflake Connector for .NET versions 2.0.12 through 4.2.0 on Linux and macOS temporarily store downloaded stage files in world-readable directories, allowing unauthorized local users on the same ...

The Snowflake Connector for Python uses pickle for OCSP response cache serialization, allowing local attackers to execute arbitrary code via cache poisoning. This affects Python applications using vul...

The snowflake-connector-nodejs driver has a vulnerability where file permission checks for temporary credential cache can be bypassed. An attacker with write access to the local cache directory could ...