CVE-2025-46329 Snowflake Connector for C/C++ inserts client-side encryption key in DEBUG logs

libsnowflakeclient is the Snowflake Connector for C/C++. Versions starting from 0.5.0 to before 2.2.0, are vulnerable to local logging of sensitive information. When the logging level was set to DEBUG, the Connector would log locally the client-side encryption master key of the target stage durin...

CVE-2025-46330 Snowflake Connector for C/C++ retries malformed requests

libsnowflakeclient is the Snowflake Connector for C/C++. Versions starting from 0.5.0 to before 2.2.0, incorrectly treat malformed requests that caused the HTTP response status code 400, as able to be retried. This could hang the application until SFCONMAXRETRY requests were sent. This issue has...

CVE-2025-46330

CVE-2025-46330 affects the Snowflake Connector for C/C++ (libsnowflakeclient). Versions 0.5.0 up to before 2.2.0 incorrectly treat malformed requests that cause HTTP 400 responses as retryable, which can cause the application to hang until the retry limit (SF_CON_MAX_RETRY) is exhausted. Affected...

libsnowflakeclient 日志信息泄露漏洞

libsnowflakeclient is a Snowflake open source Snowflake tool. A log information disclosure vulnerability exists in libsnowflakeclient versions prior to 0.5.0 through 2.2.0, which stems from debug logging sensitive information...

PT-2025-18133 · Snowflake · Libsnowflakeclient

Name of the Vulnerable Software and Affected Versions: libsnowflakeclient versions 0.5.0 through 2.2.0 Description: The issue concerns local logging of sensitive information. When the logging level was set to DEBUG, the Connector would log locally the client-side encryption master key of the targ...