2 matches found
CVE-2025-46327
CVE-2025-46327 affects gosnowflake (Snowflake Go driver) versions 1.7.0 up to 1.13.3 (exclusive). The issue is a TOCTOU race in the Easy Logging feature: on Linux/macOS the driver reads logging config from a user-provided file and verifies write access only by the file owner, but the check can ra...
CVE-2023-34231
CVE-2023-34231 affects the Snowflake Go driver (gosnowflake) prior to version 1.6.19. The vulnerability is a command-injection flaw in the SSO browser URL authentication flow, allowing a remote attacker to execute commands on the user’s machine if the attacker first hosts a malicious resource and...