2 matches found
acedeploy (>=2.4.15 <=2.4.115), apache-airflow-providers-snowflake (>=2.4.0 <=2.5.1rc1) +106 more potentially affected by CVE-2025-24795 via snowflake-connector-python (>=2.3.7 <=3.13.0)
snowflake-connector-python PYPI version =2.3.7, =2.4.15, =2.4.0, =0.4.0, =0.1.3, =0.1.0, =1.13.21, =20230717.1.0, =0.4.0, =1.0.8, =1.0.5, =0.3.1, =1.1.4 - datacontract-cli =0.10.4 and more Source cves: CVE-2025-24795 Source advisory: SNYK:PYTHON-SNOWFLAKECONNECTORPYTHON-8675785...
GHSA-R2X6-CJG7-8R43 snowflake-connector-python vulnerable to insecure cache files permissions
Issue Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. On Linux systems, when temporary credential caching is enabled, the Snowflake Connector for Python will cache temporary credentials locally in a world-readable file. This vulnerability affects version...