Vulnerabilities > Snowflake > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-22 | CVE-2023-51662 | Unspecified vulnerability in Snowflake Connector The Snowflake .NET driver provides an interface to the Microsoft .NET open source software framework for developing applications. | 7.5 |
| 2023-06-08 | CVE-2023-34230 | Unspecified vulnerability in Snowflake Connector snowflake-connector-net, the Snowflake Connector for .NET, is vulnerable to command injection prior to version 2.0.18 via SSO URL authentication. | 8.8 |
| 2023-06-08 | CVE-2023-34232 | Unspecified vulnerability in Snowflake Connector snowflake-connector-nodejs, a NodeJS driver for Snowflake, is vulnerable to command injection via single sign on (SSO) browser URL authentication in versions prior to 1.6.21. | 8.8 |
| 2023-06-08 | CVE-2023-34233 | Command Injection vulnerability in Snowflake Connector The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. | 8.8 |
| 2023-06-08 | CVE-2023-34231 | Unspecified vulnerability in Snowflake Gosnowflake gosnowflake is th Snowflake Golang driver. | 8.8 |
| 2023-04-14 | CVE-2023-30535 | Command Injection vulnerability in Snowflake Jdbc Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. | 8.8 |
| 2022-11-09 | CVE-2022-42965 | Unspecified vulnerability in Snowflake Snowflake-Connector-Python An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the undocumented get_file_transfer_type method | 7.5 |