Lucene search
+L

589 matches found

osv
osv
added 2026/03/23 2:8 p.m.11 views

MAL-2026-2109 Malicious code in pyregions-snowflake (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4c3a6759d779c0fe3ffac5559aa5f8915f72cab6bce545e1fe261f3caab47a65 During installation, the package starts obfuscated code that downloads and runs remote executables in specific environments - in older packages - attempts to...

5.9AI score
Exploits0References5
redhatcve
redhatcve
added 2026/02/27 11:55 a.m.6 views

CVE-2026-3293

A flaw was found in snowflake-jdbc. A local user can exploit a vulnerability in the SdkProxyRoutePlanner function by manipulating the nonProxyHosts argument. This manipulation leads to inefficient regular expression complexity, which can result in a Denial of Service DoS condition...

5.5CVSS5.7AI score0.00209EPSS
Exploits1References11
vulnersosv
vulnersosv
added 2026/02/27 9:21 a.m.7 views

com.codbex.atlas:codbex-atlas-application (>=2.97.0 <=2.99.0), com.codbex.gaia:codbex-gaia-application (=2.73.0) +24 more potentially affected by CVE-2026-3293 via net.snowflake:snowflake-jdbc (>=4.0.0 <=4.0.1)

net.snowflake:snowflake-jdbc MAVEN version =4.0.0, =2.97.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.1.0, =5.1.0, =5.2.0 and more Source cves: CVE-2026-3293 Source advisory: SNYK:JAVA-NETSNOWFLAKE-15361271...

5.5CVSS5.7AI score0.00209EPSS
Exploits1
vulnersosv
vulnersosv
added 2026/02/27 6:31 a.m.8 views

ai.starlake:starlake-api_2.13 (>=1.5.8 <=1.5.15), be.ugent.idlab.knows:dataio (>=2.0.0 <=2.2.0) +190 more potentially affected by CVE-2026-3293 via net.snowflake:snowflake-jdbc (>=3.0.0 <=4.0.1)

net.snowflake:snowflake-jdbc MAVEN version =3.0.0, =1.5.8, =2.0.0, =1.0, =1.14, =1.1, =1.1.0, =2.55.0, =1.0.5, =1.1.0, =1.1.0, =1.1.0, =0.2.0, =1.1.0, =0.3.0, =0.4.4 and more Source cves: CVE-2026-3293 Source advisory: OSV:GHSA-GX6C-PV62-9MCF...

5.5CVSS5.8AI score0.00209EPSS
Exploits1
osv
osv
added 2026/02/27 6:31 a.m.3 views

GHSA-GX6C-PV62-9MCF Snowflake JDBC Driver is Vulnerable to Uncontrolled Resource Consumption through SdkProxyRoutePlanner

A weakness has been identified in Snowflake JDBC Driver up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. Executing a manipulation of the argument nonProxyHosts can...

4.8CVSS5.5AI score0.00209EPSS
Exploits1References9
euvd
euvd
added 2026/02/27 6:31 a.m.8 views

EUVD-2026-9002

A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. Executing a manipulation of the argument nonProxyHosts...

4.8CVSS4.4AI score0.00209EPSS
Exploits1References9
github
github
added 2026/02/27 6:31 a.m.9 views

Snowflake JDBC Driver is Vulnerable to Uncontrolled Resource Consumption through SdkProxyRoutePlanner

A weakness has been identified in Snowflake JDBC Driver up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. Executing a manipulation of the argument nonProxyHosts can...

5.5CVSS5.5AI score0.00209EPSS
Exploits1References10Affected Software1
nvd
nvd
added 2026/02/27 6:18 a.m.9 views

CVE-2026-3293

A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. Executing a manipulation of the argument nonProxyHosts...

5.5CVSS0.00209EPSS
Exploits1References8
attackerkb
attackerkb
added 2026/02/27 5:32 a.m.4 views

CVE-2026-3293

A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. Executing a manipulation of the argument nonProxyHosts...

5.5CVSS5.3AI score0.00209EPSS
Exploits1References8Affected Software1
vulnrichment
vulnrichment
added 2026/02/27 5:32 a.m.3 views

CVE-2026-3293 snowflakedb snowflake-jdbc JDBC URL SdkProxyRoutePlanner.java SdkProxyRoutePlanner redos

A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. Executing a manipulation of the argument nonProxyHosts...

4.8CVSS5.5AI score0.00209EPSS
Exploits1References8
osv
osv
added 2026/02/27 5:32 a.m.7 views

CVE-2026-3293 snowflakedb snowflake-jdbc JDBC URL SdkProxyRoutePlanner.java SdkProxyRoutePlanner redos

A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. Executing a manipulation of the argument nonProxyHosts...

4.8CVSS5.2AI score0.00209EPSS
Exploits1References10
cve
cve
added 2026/02/27 5:32 a.m.29 views

CVE-2026-3293

CVE-2026-3293 affects snowflake-bdb snowflake-jdbc up to 4.0.1, specifically the SdkProxyRoutePlanner (src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java) in the JDBC URL Handler. The vulnerability arises from manipulating the nonProxyHosts argument, which can cause ineffi...

5.5CVSS4.5AI score0.00209EPSS
Exploits1References8Affected Software1
cvelist
cvelist
added 2026/02/27 5:32 a.m.30 views

CVE-2026-3293 snowflakedb snowflake-jdbc JDBC URL SdkProxyRoutePlanner.java SdkProxyRoutePlanner redos

A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. Executing a manipulation of the argument nonProxyHosts...

4.8CVSS0.00209EPSS
Exploits1References8
cnnvd
cnnvd
added 2026/02/27 12:0 a.m.9 views

Snowflake JDBC Driver 安全漏洞

The Snowflake JDBC Driver is a driver developed by Snowflake Corporation. Versions of the Snowflake JDBC Driver prior to 4.0.1 contained a security vulnerability. This vulnerability stemmed from incorrect handling of the nonProxyHosts parameter in the function SdkProxyRoutePlanner within the...

5.5CVSS5.8AI score0.00209EPSS
Exploits1References8
ptsecurity
ptsecurity
added 2026/02/27 12:0 a.m.17 views

PT-2026-22301

A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. Executing a manipulation of the argument nonProxyHosts...

4.8CVSS5.5AI score0.00209EPSS
Exploits1References9
cgr
cgr
added 2026/01/30 7:17 a.m.10 views

CVE-2026-0994 vulnerabilities

Vulnerabilities for packages: litellm, tensorflow-cpu-jupyter, text-generation-inference, py3-cassandra-medusa, py3-protobuf, authentik-fips, azure-functions-python-worker, ghidra, kserve, spamcheck, datadog-agent, awx, opentelemetry-python-instrumentation, dbt-bigquery, barman, nemo,...

8.2CVSS6.5AI score0.00613EPSS
Exploits0
cgr
cgr
added 2026/01/30 7:17 a.m.2 views

GHSA-7GCM-G887-7QV7 vulnerabilities

Vulnerabilities for packages: litellm, tensorflow-cpu-jupyter, text-generation-inference, py3-cassandra-medusa, py3-protobuf, authentik-fips, azure-functions-python-worker, ghidra, kserve, spamcheck, datadog-agent, awx, opentelemetry-python-instrumentation, dbt-bigquery, barman, nemo,...

6.1AI score
Exploits0
nessus
nessus
added 2026/01/20 12:0 a.m.3 views

Ubuntu 22.04 LTS : Snowflake vulnerabilities (USN-7966-1)

The remote Ubuntu 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7966-1 advisory. It was discovered that Pion DTLS, vendored in Snowflake, did not impose a limit on the amount of data that was buffered during the handshake. An attacker...

7.5CVSS5.8AI score0.01952EPSS
Exploits0References4
openvas
openvas
added 2026/01/20 12:0 a.m.4 views

Ubuntu: Security Advisory (USN-7966-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.5AI score0.01952EPSS
Exploits0References2
ubuntu
ubuntu
added 2026/01/19 10:35 a.m.7 views

USN-7966-1: Snowflake vulnerabilities

It was discovered that Pion DTLS, vendored in Snowflake, did not impose a limit on the amount of data that was buffered during the handshake. An attacker could possibly use the issue to cause a denial of service. CVE-2022-29189 It was discovered that Pion DTLS, vendored in Snowflake, did not...

7.5CVSS6.5AI score0.01952EPSS
Exploits0
Rows per page
Query Builder