Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

OSV
OSVadded 2025/01/29 6:42 p.m.8 views

GHSA-XFHV-WQJ6-RX99 snowflake-sdk may incorrectly validate temporary credential cache file permissions

Issue Snowflake discovered and remediated a vulnerability in the Snowflake NodeJS Driver. File permissions checks of the temporary credential cache could be bypassed by an attacker with write access to the local cache directory. This vulnerability affects versions 1.12.0 through 2.0.1 on Linux...

4.4CVSS4.7AI score0.00022EPSS
Exploits0References4
Github Security Blog
Github Security Blogadded 2025/01/29 6:42 p.m.16 views

snowflake-sdk may incorrectly validate temporary credential cache file permissions

Issue Snowflake discovered and remediated a vulnerability in the Snowflake NodeJS Driver. File permissions checks of the temporary credential cache could be bypassed by an attacker with write access to the local cache directory. This vulnerability affects versions 1.12.0 through 2.0.1 on Linux...

5.5CVSS4.7AI score0.00022EPSS
Exploits0References4Affected Software1
OSV
OSVadded 2025/01/29 4:59 p.m.6 views

CVE-2025-24791 snowflake-connector-nodejs has incorrect validation of temporary credential cache file permissions

snowflake-connector-nodejs is a NodeJS driver for Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake NodeJS Driver. File permissions checks of the temporary credential cache could be bypassed by an attacker with write access to the local cache directory. This...

4.4CVSS6.3AI score0.00022EPSS
Exploits0References4
CNNVD
CNNVDadded 2025/01/29 12:0 a.m.2 views

NodeJS Driver for Snowflake 安全漏洞

NodeJS Driver for Snowflake is an open source NodeJS driver from Snowflake Computing. A security vulnerability exists in NodeJS Driver for Snowflake versions prior to 2.0.2, which stems from an attacker with write access to a local cache directory can bypass file permission checks in the temporar...

5.5CVSS6.2AI score0.00022EPSS
Exploits0References3
OSV
OSVadded 2023/06/08 8:17 p.m.20 views

CVE-2023-34232 Snowflake NodeJS Driver vulnerable to Command Injection

snowflake-connector-nodejs, a NodeJS driver for Snowflake, is vulnerable to command injection via single sign on SSO browser URL authentication in versions prior to 1.6.21. In order to exploit the potential for command injection, an attacker would need to be successful in 1 establishing a malicio...

7.3CVSS8.9AI score0.00554EPSS
Exploits0References6
CNNVD
CNNVDadded 2023/06/08 12:0 a.m.1 views

Snowflake snowflake-connector-nodejs 命令注入漏洞

Snowflake snowflake-connector-nodejs is a Snowflake connector for NODEJS from Snowflake, Inc. A command injection vulnerability exists in Snowflake snowflake-connector-nodejs versions prior to 1.6.21. An attacker could exploit this vulnerability to cause remote code execution...

8.8CVSS8.4AI score0.00554EPSS
Exploits0References5
Rows per page
Query Builder