Vulnerabilities > Snowflake > Snowflake Connector > High

DATE CVE VULNERABILITY TITLE RISK
2023-12-22 CVE-2023-51662 Improper Certificate Validation vulnerability in Snowflake Connector
The Snowflake .NET driver provides an interface to the Microsoft .NET open source software framework for developing applications.
network
high complexity
snowflake CWE-295
7.5
2023-06-08 CVE-2023-34230 Command Injection vulnerability in Snowflake Connector
snowflake-connector-net, the Snowflake Connector for .NET, is vulnerable to command injection prior to version 2.0.18 via SSO URL authentication.
network
low complexity
snowflake CWE-77
8.8
2023-06-08 CVE-2023-34232 Command Injection vulnerability in Snowflake Connector
snowflake-connector-nodejs, a NodeJS driver for Snowflake, is vulnerable to command injection via single sign on (SSO) browser URL authentication in versions prior to 1.6.21.
network
low complexity
snowflake CWE-77
8.8
2023-06-08 CVE-2023-34233 Command Injection vulnerability in Snowflake Connector
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations.
network
low complexity
snowflake CWE-77
8.8