5 matches found
EUVD-2026-42284
Snowflake Terraform Provider versions prior to 2.18.0 contain several security vulnerabilities, including SQL injection via an unsanitized data source input could result in arbitrary SQL execution under the provider's privileged Snowflake session, potentially enabling sensitive data exfiltration...
CVE-2026-15067 Multiple Security Vulnerabilities in Terraform Provider for Snowflake Could Allow Privilege Escalation and Unauthorized Snowflake Account Takeover
Snowflake Terraform Provider versions prior to 2.18.0 contain several security vulnerabilities, including SQL injection via an unsanitized data source input could result in arbitrary SQL execution under the provider's privileged Snowflake session, potentially enabling sensitive data exfiltration...
airflow-oracle-snowflake-plugin (>=0.1.0 <=0.1.2), airflow-provider-cloe (>=20221202.9.0 <=20221202.13.0) +4 more potentially affected by CVE-2025-50213 via apache-airflow-providers-snowflake (>=1.1.0 <=6.13.0)
apache-airflow-providers-snowflake PYPI version =1.1.0, =0.1.0, =20221202.9.0, =0.0.4, =0.1.0, =0.1.1 Source cves: CVE-2025-50213 Source advisory: OSV:PYSEC-2025-51...
PYSEC-2025-51
Failure to Sanitize Special Elements into a Different Plane Special Element Injection vulnerability in Apache Airflow Providers Snowflake.This issue affects Apache Airflow Providers Snowflake: before 6.4.0.Sanitation of table and stage parameters were added...
airflow-provider-cloe (>=20221202.9.0 <=20221202.13.0), astronomer-providers (=1.0.0) +2 more potentially affected by CVE-2025-50213 via apache-airflow-providers-snowflake (=6.13.0)
apache-airflow-providers-snowflake PYPI version =6.13.0 is affected by a known vulnerability. The following packages have a transitive dependency on apache-airflow-providers-snowflake and may be impacted: - airflow-provider-cloe =20221202.9.0, =0.1.0, =0.1.1 Source cves: CVE-2025-50213 Source...