Lucene search
+L

5 matches found

NVD
NVD
added 2025/04/28 11:15 p.m.19 views

CVE-2025-46328

snowflake-connector-nodejs is a NodeJS driver for Snowflake. Versions starting from 1.10.0 to before 2.0.4, are vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition. When using the Easy Logging feature on Linux and macOS the Driver reads logging configuration from a user-provided...

7CVSS0.00141EPSS
Exploits0References2
Circl
Circl
added 2025/04/28 11:10 p.m.12 views

CVE-2025-46328

creationtimestamp| type| source ---|---|--- 2025-04-28 23:10:54+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13750 2025-04-28 23:45:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnvx5vjscz2s 2025-04-29 02:36:58+00:00| seen|...

7CVSS4.8AI score0.00141EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/28 10:33 p.m.8 views

CVE-2025-46328 NodeJS Driver for Snowflake has race condition when checking access to Easy Logging configuration file

snowflake-connector-nodejs is a NodeJS driver for Snowflake. Versions starting from 1.10.0 to before 2.0.4, are vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition. When using the Easy Logging feature on Linux and macOS the Driver reads logging configuration from a user-provided...

3.3CVSS3.9AI score0.00141EPSS
Exploits0References2
CVE
CVE
added 2025/04/28 10:33 p.m.78 views

CVE-2025-46328

CVE-2025-46328 affects the Snowflake Node.js driver. Versions 1.10.0 up to (but not including) 2.0.4 are vulnerable to a TOCTOU race in the Linux/macOS Easy Logging configuration check: the driver validates that the logging config file is writable only by the owner, but the check can be bypassed,...

7CVSS3.9AI score0.00141EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/04/28 10:33 p.m.27 views

CVE-2025-46328 NodeJS Driver for Snowflake has race condition when checking access to Easy Logging configuration file

snowflake-connector-nodejs is a NodeJS driver for Snowflake. Versions starting from 1.10.0 to before 2.0.4, are vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition. When using the Easy Logging feature on Linux and macOS the Driver reads logging configuration from a user-provided...

3.3CVSS0.00141EPSS
Exploits0References2
Rows per page
Query Builder