Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:11 a.m.9 views

CVE-2023-30535

Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Users of the Snowflake JDBC driver were vulnerable to a command injection vulnerability. An attacker could set up a malicious, publicly accessible server which responds to...

8.8CVSS7.8AI score0.01668EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/14 6:36 p.m.40 views

Security Bulletin: IBM Security Guardium is affected by a snowflake-jdbc-3.13.8.jar vulnerability (CVE-2023-30535)

Summary IBM Security Guardium has fixed this vulnerability Vulnerability Details CVEID:CVE-2023-30535 DESCRIPTION: Snowflake Computing Snowflake JDBC could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the SSO URL...

8.8CVSS8.3AI score0.01668EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/10/18 12:0 a.m.27 views

Oracle GoldenGate for Big Data RCE (October 2023 CPU)

According to its self-reported version number, the Oracle GoldenGate for Big Data application located on the remote host is 21.3 = 21.10. It is, therefore, affected by a remote code execution vulnerability: - Vulnerability in the GoldenGate Big Data product of Oracle GoldenGate component:...

8.8CVSS8.9AI score0.01668EPSS
Exploits0References3
Circl
Circl
added 2023/04/15 12:26 a.m.8 views

CVE-2023-30535

creationtimestamp| type| source ---|---|--- 2023-04-15 00:26:27+00:00| seen| https://t.me/cibsecurity/62201 2023-04-27 19:58:34+00:00| seen| https://t.me/truesecator/4331...

8.8CVSS8.2AI score0.01668EPSS
Exploits0References2
NVD
NVD
added 2023/04/14 8:15 p.m.33 views

CVE-2023-30535

Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Users of the Snowflake JDBC driver were vulnerable to a command injection vulnerability. An attacker could set up a malicious, publicly accessible server which responds to...

8.8CVSS8.3AI score0.01668EPSS
Exploits0References2
OSV
OSV
added 2023/04/14 7:30 p.m.23 views

CVE-2023-30535 Snowflake JDBC vulnerable to command injection via SSO URL authentication

Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Users of the Snowflake JDBC driver were vulnerable to a command injection vulnerability. An attacker could set up a malicious, publicly accessible server which responds to...

7.3CVSS9.3AI score0.01668EPSS
Exploits0References4
CVE
CVE
added 2023/04/14 7:30 p.m.85 views

CVE-2023-30535

CVE-2023-30535 affects Snowflake JDBC (type 4 driver). The issue is a command injection via the SSO URL authentication payload. It was patched in Snowflake JDBC driver version 3.13.29; all users should upgrade to 3.13.29 or later. Related IBM/Oracle advisories note the CVE in the context of Oracl...

8.8CVSS8.2AI score0.01668EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/04/14 7:30 p.m.9 views

CVE-2023-30535 Snowflake JDBC vulnerable to command injection via SSO URL authentication

Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Users of the Snowflake JDBC driver were vulnerable to a command injection vulnerability. An attacker could set up a malicious, publicly accessible server which responds to...

7.3CVSS9AI score0.01668EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2023/04/14 6:28 p.m.4 views

com.damavis:damavis-spark-snowflake_2.12 (>=0.3.0 <=0.4.4), com.linkedin.feathr:feathr_2.12 (>=0.1.0 <=1.0.5-rc5) +49 more potentially affected by CVE-2023-30535 via net.snowflake:snowflake-jdbc (>=3.0.0 <=3.13.28)

net.snowflake:snowflake-jdbc MAVEN version =3.0.0, =0.3.0, =0.1.0, =1.2.0.0-rc2, =0.9.0, =0.9.0, =0.10.1, =1.0.0, =1.0.0, =3.0.0.Final, =3.0.0.Final, =3.1.3.Final and more Source cves: CVE-2023-30535 Source advisory: OSV:GHSA-4G3J-C4WG-6J7X...

8.8CVSS7.7AI score0.01668EPSS
Exploits0
Rows per page
Query Builder