Vulnerabilities > Snowflake
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-24 | CVE-2024-49750 | Information Exposure Through Log Files vulnerability in Snowflake Connector The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. | 5.5 |
| 2024-08-12 | CVE-2024-42474 | Path Traversal vulnerability in Snowflake Streamlit Streamlit is a data oriented application development framework for python. | 6.5 |
| 2024-03-15 | CVE-2024-28851 | Unspecified vulnerability in Snowflake Hive Metastore Connector The Snowflake Hive metastore connector provides an easy way to query Hive-managed data via Snowflake. | 7.8 |
| 2023-12-22 | CVE-2023-51662 | Unspecified vulnerability in Snowflake Connector The Snowflake .NET driver provides an interface to the Microsoft .NET open source software framework for developing applications. | 7.5 |
| 2023-06-08 | CVE-2023-34230 | Unspecified vulnerability in Snowflake Connector snowflake-connector-net, the Snowflake Connector for .NET, is vulnerable to command injection prior to version 2.0.18 via SSO URL authentication. | 8.8 |
| 2023-06-08 | CVE-2023-34232 | Unspecified vulnerability in Snowflake Connector snowflake-connector-nodejs, a NodeJS driver for Snowflake, is vulnerable to command injection via single sign on (SSO) browser URL authentication in versions prior to 1.6.21. | 8.8 |
| 2023-06-08 | CVE-2023-34233 | Command Injection vulnerability in Snowflake Connector The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. | 8.8 |
| 2023-06-08 | CVE-2023-34231 | Unspecified vulnerability in Snowflake Gosnowflake gosnowflake is th Snowflake Golang driver. | 8.8 |
| 2023-04-14 | CVE-2023-30535 | Command Injection vulnerability in Snowflake Jdbc Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. | 8.8 |
| 2023-03-16 | CVE-2023-27494 | Unspecified vulnerability in Snowflake Streamlit Streamlit, software for turning data scripts into web applications, had a cross-site scripting (XSS) vulnerability in versions 0.63.0 through 0.80.0. | 6.1 |