Vulnerabilities > Snowflake > Snowflake Connector
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-24 | CVE-2024-49750 | Information Exposure Through Log Files vulnerability in Snowflake Connector The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. | 5.5 |
| 2023-12-22 | CVE-2023-51662 | Improper Certificate Validation vulnerability in Snowflake Connector The Snowflake .NET driver provides an interface to the Microsoft .NET open source software framework for developing applications. | 7.5 |
| 2023-06-08 | CVE-2023-34230 | Command Injection vulnerability in Snowflake Connector snowflake-connector-net, the Snowflake Connector for .NET, is vulnerable to command injection prior to version 2.0.18 via SSO URL authentication. | 8.8 |
| 2023-06-08 | CVE-2023-34232 | Command Injection vulnerability in Snowflake Connector snowflake-connector-nodejs, a NodeJS driver for Snowflake, is vulnerable to command injection via single sign on (SSO) browser URL authentication in versions prior to 1.6.21. | 8.8 |
| 2023-06-08 | CVE-2023-34233 | Command Injection vulnerability in Snowflake Connector The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. | 8.8 |