Security Bulletin: TOCTOU Race Condition in gosnowflake Logging Configuration Allows Local Privilege Misuse (Fixed in 1.13.3), affects watsonx.data

Summary gosnowflake is the Snowflake Golang driver. Versions starting from 1.7.0 to before 1.13.3, are vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition. When using the Easy Logging feature on Linux and macOS, the Driver reads logging configuration from a user-provided file. On...

SUSE CVE-2025-46327

gosnowflake is the Snowflake Golang driver. Versions starting from 1.7.0 to before 1.13.3, are vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition. When using the Easy Logging feature on Linux and macOS, the Driver reads logging configuration from a user-provided file. On Linux and...

AZL-61501 CVE-2025-46327 affecting package telegraf 1.29.4-21

gosnowflake is the Snowflake Golang driver. Versions starting from 1.7.0 to before 1.13.3, are vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition. When using the Easy Logging feature on Linux and macOS, the Driver reads logging configuration from a user-provided file. On Linux and...

AZL-61654 CVE-2025-46327 affecting package telegraf 1.31.0-15

gosnowflake is the Snowflake Golang driver. Versions starting from 1.7.0 to before 1.13.3, are vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition. When using the Easy Logging feature on Linux and macOS, the Driver reads logging configuration from a user-provided file. On Linux and...

CVE-2025-46327 Go Snowflake Driver has race condition when checking access to Easy Logging configuration file

gosnowflake is the Snowflake Golang driver. Versions starting from 1.7.0 to before 1.13.3, are vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition. When using the Easy Logging feature on Linux and macOS, the Driver reads logging configuration from a user-provided file. On Linux and...

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition when using the Easy Logging feature. A user with access to the config file can control it and expose log contents by directing the output to a readable location. Note: Only applications...

Snowflake gosnowflake 安全漏洞

Snowflake gosnowflake is a golang implementation of the id issuer from Snowflake USA. A security vulnerability exists in Snowflake gosnowflake versions prior to 1.7.0 through 1.13.3, which stems from a TOCTOU contention condition that could result in log configuration being overwritten...

gosnowflake 命令注入漏洞

Snowflake gosnowflake is a golang implementation of Snowflake's id issuer. A command injection vulnerability exists in gosnowflake versions prior to 1.6.19. An attacker can exploit this vulnerability to cause remote code execution...