Incorrect Permission Assignment for Critical Resource

Overview snowflake-connector-python is a Snowflake Connector for Python Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource via the ConfigManager.readconfig path in configmanager.py. An attacker can modify sensitive settings stored in the...

EUVD-2025-0179

Malicious code in bioql PyPI...

FreeBSD : py-mysql-connector-python -- Vulnerability in the MySQL Connectors product of Oracle MySQL (cb570d6f-9ea9-11f0-9446-f02f7497ecda)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cb570d6f-9ea9-11f0-9446-f02f7497ecda advisory. Oracle reports: Vulnerability in the MySQL Connectors product of Oracle MySQL component:...

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

...

Linux Distros Unpatched Vulnerability : CVE-2025-30714

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/Python. Supported versions that are affected are 9.0.0-9.2.0. Difficult to...

Linux Distros Unpatched Vulnerability : CVE-2024-21170

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/Python. Supported versions that are affected are 8.4.0 and prior. Easily...

Linux Distros Unpatched Vulnerability : CVE-2016-5598

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in the MySQL Connector component 2.1.3 and earlier and 2.0.4 and earlier in Oracle MySQL allows remote attackers to affect...

Linux Distros Unpatched Vulnerability : CVE-2017-3590

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/Python. Supported versions that are affected are 2.1.5 and earlier. Easi...

Linux Distros Unpatched Vulnerability : CVE-2024-21090

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/Python. Supported versions that are affected are 8.3.0 and prior. Easily...

Linux Distros Unpatched Vulnerability : CVE-2025-21548

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/Python. Supported versions that are affected are 9.1.0 and prior. Easily...

Linux Distros Unpatched Vulnerability : CVE-2024-21272

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/Python. Supported versions that are affected are 9.0.0 and prior. Difficult t...

CVE-2022-42965

An exponential ReDoS Regular Expression Denial of Service can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the undocumented getfiletransfertype method...

CVE-2025-30714

Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/Python. Supported versions that are affected are 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful...

UBUNTU-CVE-2025-30714

Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/Python. Supported versions that are affected are 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful...

adstoolbox (>=1.0.29 <=2025.9.5), afw (>=0.0.6 <=0.0.21) +41 more potentially affected by CVE-2025-30714 via mysql-connector-python (>=9.0.0 <=9.2.0)

mysql-connector-python PYPI version =9.0.0, =1.0.29, =0.0.6, =1.7.0, =0.3.0, =1.0.6, =0.5.0, =0.2.1, =1.0.1, =0.1.20, =1.107.2rc3, =0.1.0, =0.8.0, =1.0.3, =1.1.9 and more Source cves: CVE-2025-30714 Source advisory: SNYK:PYTHON-MYSQLCONNECTORPYTHON-9724724...

Credential Caching

snowflakeconnectorpython is vulnerable to Credential Caching. The vulnerability is due to improper handling of temporary credential caching on Linux systems, When caching is enabled, the credentials are stored in a file that is readable by all users, allowing unauthorized access...

acedeploy (>=2.4.15 <=2.4.115), apache-airflow-providers-snowflake (>=2.4.0 <=2.5.1rc1) +108 more potentially affected by CVE-2025-24795 via snowflake-connector-python (>=2.3.7 <=3.13.0)

snowflake-connector-python PYPI version =2.3.7, =2.4.15, =2.4.0, =0.4.0, =0.1.3, =0.1.0, =1.13.21, =20230717.1.0, =0.4.0, =1.0.8, =1.0.5, =0.3.1, =1.1.4 - datacontract-cli =0.10.4 and more Source cves: CVE-2025-24795 Source advisory: OSV:PYSEC-2025-28...

CVE-2025-24793

The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. A function from the...

acedeploy (>=2.4.15 <=2.4.115), arreyy (=0.0.1) +89 more potentially affected by CVE-2025-24794 via snowflake-connector-python (>=2.7.12 <=3.13.0)

snowflake-connector-python PYPI version =2.7.12, =2.4.15, =0.4.0, =0.1.3, =0.1.0, =1.13.21, =20230717.1.0, =0.4.0, =1.0.8, =1.0.5, =0.3.1, =0.7.0, =0.7.3 and more Source cves: CVE-2025-24794 Source advisory: OSV:PYSEC-2025-27...

acedeploy (>=2.4.15 <=2.4.115), aigc-evals (>=0.0.2 <=0.0.3) +131 more potentially affected by CVE-2025-24793 via snowflake-connector-python (>=2.2.5 <=3.13.0)

snowflake-connector-python PYPI version =2.2.5, =2.4.15, =0.0.2, =2.4.0, =0.0.4, =0.1.3, =0.1.0, =1.13.21, =20230717.1.0, =0.5.83, =0.4.0, =1.0.8, =1.0.11 and more Source cves: CVE-2025-24793 Source advisory: OSV:GHSA-2VPQ-FH52-J3WV...