Vulnerabilities > Snowflake
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-08 | CVE-2023-34232 | Unspecified vulnerability in Snowflake Connector snowflake-connector-nodejs, a NodeJS driver for Snowflake, is vulnerable to command injection via single sign on (SSO) browser URL authentication in versions prior to 1.6.21. | 8.8 |
| 2023-06-08 | CVE-2023-34233 | Command Injection vulnerability in Snowflake Connector The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. | 8.8 |
| 2023-06-08 | CVE-2023-34231 | Unspecified vulnerability in Snowflake Gosnowflake gosnowflake is th Snowflake Golang driver. | 8.8 |
| 2023-04-14 | CVE-2023-30535 | Command Injection vulnerability in Snowflake Jdbc Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. | 8.8 |
| 2023-03-16 | CVE-2023-27494 | Unspecified vulnerability in Snowflake Streamlit Streamlit, software for turning data scripts into web applications, had a cross-site scripting (XSS) vulnerability in versions 0.63.0 through 0.80.0. | 6.1 |
| 2022-11-09 | CVE-2022-42965 | Unspecified vulnerability in Snowflake Snowflake-Connector-Python An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the undocumented get_file_transfer_type method | 7.5 |
| 2022-08-01 | CVE-2022-35918 | Path Traversal vulnerability in Snowflake Streamlit Streamlit is a data oriented application development framework for python. | 6.5 |