589 matches found
MAL-2026-2109 Malicious code in pyregions-snowflake (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4c3a6759d779c0fe3ffac5559aa5f8915f72cab6bce545e1fe261f3caab47a65 During installation, the package starts obfuscated code that downloads and runs remote executables in specific environments - in older packages - attempts to...
CVE-2026-3293
A flaw was found in snowflake-jdbc. A local user can exploit a vulnerability in the SdkProxyRoutePlanner function by manipulating the nonProxyHosts argument. This manipulation leads to inefficient regular expression complexity, which can result in a Denial of Service DoS condition...
com.codbex.atlas:codbex-atlas-application (>=2.97.0 <=2.99.0), com.codbex.gaia:codbex-gaia-application (=2.73.0) +24 more potentially affected by CVE-2026-3293 via net.snowflake:snowflake-jdbc (>=4.0.0 <=4.0.1)
net.snowflake:snowflake-jdbc MAVEN version =4.0.0, =2.97.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.1.0, =5.1.0, =5.2.0 and more Source cves: CVE-2026-3293 Source advisory: SNYK:JAVA-NETSNOWFLAKE-15361271...
ai.starlake:starlake-api_2.13 (>=1.5.8 <=1.5.15), be.ugent.idlab.knows:dataio (>=2.0.0 <=2.2.0) +190 more potentially affected by CVE-2026-3293 via net.snowflake:snowflake-jdbc (>=3.0.0 <=4.0.1)
net.snowflake:snowflake-jdbc MAVEN version =3.0.0, =1.5.8, =2.0.0, =1.0, =1.14, =1.1, =1.1.0, =2.55.0, =1.0.5, =1.1.0, =1.1.0, =1.1.0, =0.2.0, =1.1.0, =0.3.0, =0.4.4 and more Source cves: CVE-2026-3293 Source advisory: OSV:GHSA-GX6C-PV62-9MCF...
GHSA-GX6C-PV62-9MCF Snowflake JDBC Driver is Vulnerable to Uncontrolled Resource Consumption through SdkProxyRoutePlanner
A weakness has been identified in Snowflake JDBC Driver up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. Executing a manipulation of the argument nonProxyHosts can...
EUVD-2026-9002
A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. Executing a manipulation of the argument nonProxyHosts...
Snowflake JDBC Driver is Vulnerable to Uncontrolled Resource Consumption through SdkProxyRoutePlanner
A weakness has been identified in Snowflake JDBC Driver up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. Executing a manipulation of the argument nonProxyHosts can...
CVE-2026-3293
A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. Executing a manipulation of the argument nonProxyHosts...
CVE-2026-3293
A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. Executing a manipulation of the argument nonProxyHosts...
CVE-2026-3293 snowflakedb snowflake-jdbc JDBC URL SdkProxyRoutePlanner.java SdkProxyRoutePlanner redos
A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. Executing a manipulation of the argument nonProxyHosts...
CVE-2026-3293 snowflakedb snowflake-jdbc JDBC URL SdkProxyRoutePlanner.java SdkProxyRoutePlanner redos
A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. Executing a manipulation of the argument nonProxyHosts...
CVE-2026-3293
CVE-2026-3293 affects snowflake-bdb snowflake-jdbc up to 4.0.1, specifically the SdkProxyRoutePlanner (src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java) in the JDBC URL Handler. The vulnerability arises from manipulating the nonProxyHosts argument, which can cause ineffi...
CVE-2026-3293 snowflakedb snowflake-jdbc JDBC URL SdkProxyRoutePlanner.java SdkProxyRoutePlanner redos
A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. Executing a manipulation of the argument nonProxyHosts...
Snowflake JDBC Driver 安全漏洞
The Snowflake JDBC Driver is a driver developed by Snowflake Corporation. Versions of the Snowflake JDBC Driver prior to 4.0.1 contained a security vulnerability. This vulnerability stemmed from incorrect handling of the nonProxyHosts parameter in the function SdkProxyRoutePlanner within the...
PT-2026-22301
A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. Executing a manipulation of the argument nonProxyHosts...
CVE-2026-0994 vulnerabilities
Vulnerabilities for packages: litellm, tensorflow-cpu-jupyter, text-generation-inference, py3-cassandra-medusa, py3-protobuf, authentik-fips, azure-functions-python-worker, ghidra, kserve, spamcheck, datadog-agent, awx, opentelemetry-python-instrumentation, dbt-bigquery, barman, nemo,...
GHSA-7GCM-G887-7QV7 vulnerabilities
Vulnerabilities for packages: litellm, tensorflow-cpu-jupyter, text-generation-inference, py3-cassandra-medusa, py3-protobuf, authentik-fips, azure-functions-python-worker, ghidra, kserve, spamcheck, datadog-agent, awx, opentelemetry-python-instrumentation, dbt-bigquery, barman, nemo,...
Ubuntu 22.04 LTS : Snowflake vulnerabilities (USN-7966-1)
The remote Ubuntu 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7966-1 advisory. It was discovered that Pion DTLS, vendored in Snowflake, did not impose a limit on the amount of data that was buffered during the handshake. An attacker...
Ubuntu: Security Advisory (USN-7966-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-7966-1: Snowflake vulnerabilities
It was discovered that Pion DTLS, vendored in Snowflake, did not impose a limit on the amount of data that was buffered during the handshake. An attacker could possibly use the issue to cause a denial of service. CVE-2022-29189 It was discovered that Pion DTLS, vendored in Snowflake, did not...