Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for snowflake-connector-net by snowflakedb

    CVE-2025-46326 (GCVE-0-2025-46326)

    Vulnerability from nvd – Published: 2025-04-28 22:33 – Updated: 2025-04-29 13:42
    VLAI
    Title
    Snowflake Connector for .NET has race condition when checking access to Easy Logging configuration file
    Summary
    snowflake-connector-net is the Snowflake Connector for .NET. Versions starting from 2.1.2 to before 4.4.1, are vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition. When using the Easy Logging feature on Linux and macOS, the Connector reads logging configuration from a user-provided file. On Linux and macOS, the Connector verifies that the configuration file can be written to only by its owner. That check was vulnerable to a TOCTOU race condition and failed to verify that the file owner matches the user running the Connector. This could allow a local attacker with write access to the configuration file or the directory containing it to overwrite the configuration and gain control over logging level and output location. This issue has been patched in version 4.4.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
    Assigner
    Impacted products
    Vendor Product Version
    snowflakedb snowflake-connector-net Affected: >= 2.1.2, < 4.4.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-46326",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-29T13:42:00.946516Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-29T13:42:11.360Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "snowflake-connector-net",
              "vendor": "snowflakedb",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.1.2, \u003c 4.4.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "snowflake-connector-net is the Snowflake Connector for .NET. Versions starting from 2.1.2 to before 4.4.1, are vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition. When using the Easy Logging feature on Linux and macOS, the Connector reads logging configuration from a user-provided file. On Linux and macOS, the Connector verifies that the configuration file can be written to only by its owner. That check was vulnerable to a TOCTOU race condition and failed to verify that the file owner matches the user running the Connector. This could allow a local attacker with write access to the configuration file or the directory containing it to overwrite the configuration and gain control over logging level and output location. This issue has been patched in version 4.4.1."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-367",
                  "description": "CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-28T22:33:01.627Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/snowflakedb/snowflake-connector-net/security/advisories/GHSA-c82r-c9f7-f5mj",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/snowflakedb/snowflake-connector-net/security/advisories/GHSA-c82r-c9f7-f5mj"
            },
            {
              "name": "https://github.com/snowflakedb/snowflake-connector-net/commit/393aad3cfa81045a05dd488944db45256e861bff",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/snowflakedb/snowflake-connector-net/commit/393aad3cfa81045a05dd488944db45256e861bff"
            },
            {
              "name": "https://github.com/snowflakedb/snowflake-connector-net/releases/tag/v4.4.1",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/snowflakedb/snowflake-connector-net/releases/tag/v4.4.1"
            }
          ],
          "source": {
            "advisory": "GHSA-c82r-c9f7-f5mj",
            "discovery": "UNKNOWN"
          },
          "title": "Snowflake Connector for .NET has race condition when checking access to Easy Logging configuration file"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-46326",
        "datePublished": "2025-04-28T22:33:01.627Z",
        "dateReserved": "2025-04-22T22:41:54.910Z",
        "dateUpdated": "2025-04-29T13:42:11.360Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-24788 (GCVE-0-2025-24788)

    Vulnerability from nvd – Published: 2025-01-29 20:19 – Updated: 2025-01-31 16:55
    VLAI
    Title
    Snowflake Connector for .NET has weak temporary files permissions
    Summary
    snowflake-connector-net is the Snowflake Connector for .NET. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for .NET in which files downloaded from stages are temporarily placed in a world-readable local directory, making them accessible to unauthorized users on the same machine. This vulnerability affects versions 2.0.12 through 4.2.0 on Linux and macOS. Snowflake fixed the issue in version 4.3.0.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    References
    Impacted products
    Vendor Product Version
    snowflakedb snowflake-connector-net Affected: >= 2.0.12, < 4.3.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24788",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-31T16:55:00.666174Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-31T16:55:14.494Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "snowflake-connector-net",
              "vendor": "snowflakedb",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.0.12,  \u003c 4.3.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "snowflake-connector-net is the Snowflake Connector for .NET. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for .NET in which files downloaded from stages are temporarily placed in a world-readable local directory, making them accessible to unauthorized users on the same machine. This vulnerability affects versions 2.0.12 through 4.2.0 on Linux and macOS. Snowflake fixed the issue in version 4.3.0."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276: Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-29T20:19:16.428Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/snowflakedb/snowflake-connector-net/security/advisories/GHSA-2mqw-rq5m-8hc8",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/snowflakedb/snowflake-connector-net/security/advisories/GHSA-2mqw-rq5m-8hc8"
            },
            {
              "name": "https://github.com/snowflakedb/snowflake-connector-net/commit/89d91e8316ca213c5d184bcf469ed93977a5edf9",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/snowflakedb/snowflake-connector-net/commit/89d91e8316ca213c5d184bcf469ed93977a5edf9"
            }
          ],
          "source": {
            "advisory": "GHSA-2mqw-rq5m-8hc8",
            "discovery": "UNKNOWN"
          },
          "title": "Snowflake Connector for .NET has weak temporary files permissions"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-24788",
        "datePublished": "2025-01-29T20:19:16.428Z",
        "dateReserved": "2025-01-23T17:11:35.836Z",
        "dateUpdated": "2025-01-31T16:55:14.494Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-51662 (GCVE-0-2023-51662)

    Vulnerability from nvd – Published: 2023-12-22 16:27 – Updated: 2024-08-02 22:40
    VLAI
    Title
    Snowflake Connector .NET does not properly check the Certificate Revocation List (CRL)
    Summary
    The Snowflake .NET driver provides an interface to the Microsoft .NET open source software framework for developing applications. Snowflake recently received a report about a vulnerability in the Snowflake Connector .NET where the checks against the Certificate Revocation List (CRL) were not performed where the insecureMode flag was set to false, which is the default setting. The vulnerability affects versions between 2.0.25 and 2.1.4 (inclusive). Snowflake fixed the issue in version 2.1.5.
    CWE
    • CWE-295 - Improper Certificate Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    snowflakedb snowflake-connector-net Affected: >= 2.0.25, <= 2.1.4
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T22:40:34.244Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://github.com/snowflakedb/snowflake-connector-net/security/advisories/GHSA-hwcc-4cv8-cf3h",
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/snowflakedb/snowflake-connector-net/security/advisories/GHSA-hwcc-4cv8-cf3h"
              },
              {
                "name": "https://docs.snowflake.com/release-notes/clients-drivers/dotnet-2023#version-2-1-5-december-18-2023",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://docs.snowflake.com/release-notes/clients-drivers/dotnet-2023#version-2-1-5-december-18-2023"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "snowflake-connector-net",
              "vendor": "snowflakedb",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.0.25, \u003c= 2.1.4"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Snowflake .NET driver provides an interface to the Microsoft .NET open source software framework for developing applications. Snowflake recently received a report about a vulnerability in the Snowflake Connector .NET where the checks against the Certificate Revocation List (CRL) were not performed where the insecureMode flag was set to false, which is the default setting. The vulnerability affects versions between 2.0.25 and 2.1.4 (inclusive). Snowflake fixed the issue in version 2.1.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-295",
                  "description": "CWE-295: Improper Certificate Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-22T16:27:05.209Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/snowflakedb/snowflake-connector-net/security/advisories/GHSA-hwcc-4cv8-cf3h",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/snowflakedb/snowflake-connector-net/security/advisories/GHSA-hwcc-4cv8-cf3h"
            },
            {
              "name": "https://docs.snowflake.com/release-notes/clients-drivers/dotnet-2023#version-2-1-5-december-18-2023",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://docs.snowflake.com/release-notes/clients-drivers/dotnet-2023#version-2-1-5-december-18-2023"
            }
          ],
          "source": {
            "advisory": "GHSA-hwcc-4cv8-cf3h",
            "discovery": "UNKNOWN"
          },
          "title": "Snowflake Connector .NET does not properly check the Certificate Revocation List (CRL)"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2023-51662",
        "datePublished": "2023-12-22T16:27:05.209Z",
        "dateReserved": "2023-12-21T14:14:26.224Z",
        "dateUpdated": "2024-08-02T22:40:34.244Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-34230 (GCVE-0-2023-34230)

    Vulnerability from nvd – Published: 2023-06-08 20:29 – Updated: 2025-01-06 19:28
    VLAI
    Title
    Snowflake Connector vulnerable to Command Injection
    Summary
    snowflake-connector-net, the Snowflake Connector for .NET, is vulnerable to command injection prior to version 2.0.18 via SSO URL authentication. In order to exploit the potential for command injection, an attacker would need to be successful in (1) establishing a malicious resource and (2) redirecting users to utilize the resource. The attacker could set up a malicious, publicly accessible server which responds to the SSO URL with an attack payload. If the attacker then tricked a user into visiting the maliciously crafted connection URL, the user’s local machine would render the malicious payload, leading to a remote code execution. This attack scenario can be mitigated through URL whitelisting as well as common anti-phishing resources. Version 2.0.18 fixes this issue.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    References
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:01:54.245Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://github.com/snowflakedb/snowflake-connector-net/security/advisories/GHSA-223g-8w3x-98wr",
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/snowflakedb/snowflake-connector-net/security/advisories/GHSA-223g-8w3x-98wr"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-34230",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-06T19:28:12.163189Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-06T19:28:28.779Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "snowflake-connector-net",
              "vendor": "snowflakedb",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.0.18"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "snowflake-connector-net, the Snowflake Connector for .NET, is vulnerable to command injection prior to version 2.0.18 via SSO URL authentication. In order to exploit the potential for command injection, an attacker would need to be successful in (1) establishing a malicious resource and (2) redirecting users to utilize the resource. The attacker could set up a malicious, publicly accessible server which responds to the SSO URL with an attack payload. If the attacker then tricked a user into visiting the maliciously crafted connection URL, the user\u2019s local machine would render the malicious payload, leading to a remote code execution. This attack scenario can be mitigated through URL whitelisting as well as common anti-phishing resources. Version 2.0.18 fixes this issue."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-08T20:29:50.429Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/snowflakedb/snowflake-connector-net/security/advisories/GHSA-223g-8w3x-98wr",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/snowflakedb/snowflake-connector-net/security/advisories/GHSA-223g-8w3x-98wr"
            }
          ],
          "source": {
            "advisory": "GHSA-223g-8w3x-98wr",
            "discovery": "UNKNOWN"
          },
          "title": "Snowflake Connector vulnerable to Command Injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2023-34230",
        "datePublished": "2023-06-08T20:29:50.429Z",
        "dateReserved": "2023-05-31T13:51:51.168Z",
        "dateUpdated": "2025-01-06T19:28:28.779Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-46326 (GCVE-0-2025-46326)

    Vulnerability from cvelistv5 – Published: 2025-04-28 22:33 – Updated: 2025-04-29 13:42
    VLAI
    Title
    Snowflake Connector for .NET has race condition when checking access to Easy Logging configuration file
    Summary
    snowflake-connector-net is the Snowflake Connector for .NET. Versions starting from 2.1.2 to before 4.4.1, are vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition. When using the Easy Logging feature on Linux and macOS, the Connector reads logging configuration from a user-provided file. On Linux and macOS, the Connector verifies that the configuration file can be written to only by its owner. That check was vulnerable to a TOCTOU race condition and failed to verify that the file owner matches the user running the Connector. This could allow a local attacker with write access to the configuration file or the directory containing it to overwrite the configuration and gain control over logging level and output location. This issue has been patched in version 4.4.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
    Assigner
    Impacted products
    Vendor Product Version
    snowflakedb snowflake-connector-net Affected: >= 2.1.2, < 4.4.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-46326",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-29T13:42:00.946516Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-29T13:42:11.360Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "snowflake-connector-net",
              "vendor": "snowflakedb",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.1.2, \u003c 4.4.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "snowflake-connector-net is the Snowflake Connector for .NET. Versions starting from 2.1.2 to before 4.4.1, are vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition. When using the Easy Logging feature on Linux and macOS, the Connector reads logging configuration from a user-provided file. On Linux and macOS, the Connector verifies that the configuration file can be written to only by its owner. That check was vulnerable to a TOCTOU race condition and failed to verify that the file owner matches the user running the Connector. This could allow a local attacker with write access to the configuration file or the directory containing it to overwrite the configuration and gain control over logging level and output location. This issue has been patched in version 4.4.1."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-367",
                  "description": "CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-28T22:33:01.627Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/snowflakedb/snowflake-connector-net/security/advisories/GHSA-c82r-c9f7-f5mj",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/snowflakedb/snowflake-connector-net/security/advisories/GHSA-c82r-c9f7-f5mj"
            },
            {
              "name": "https://github.com/snowflakedb/snowflake-connector-net/commit/393aad3cfa81045a05dd488944db45256e861bff",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/snowflakedb/snowflake-connector-net/commit/393aad3cfa81045a05dd488944db45256e861bff"
            },
            {
              "name": "https://github.com/snowflakedb/snowflake-connector-net/releases/tag/v4.4.1",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/snowflakedb/snowflake-connector-net/releases/tag/v4.4.1"
            }
          ],
          "source": {
            "advisory": "GHSA-c82r-c9f7-f5mj",
            "discovery": "UNKNOWN"
          },
          "title": "Snowflake Connector for .NET has race condition when checking access to Easy Logging configuration file"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-46326",
        "datePublished": "2025-04-28T22:33:01.627Z",
        "dateReserved": "2025-04-22T22:41:54.910Z",
        "dateUpdated": "2025-04-29T13:42:11.360Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-24788 (GCVE-0-2025-24788)

    Vulnerability from cvelistv5 – Published: 2025-01-29 20:19 – Updated: 2025-01-31 16:55
    VLAI
    Title
    Snowflake Connector for .NET has weak temporary files permissions
    Summary
    snowflake-connector-net is the Snowflake Connector for .NET. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for .NET in which files downloaded from stages are temporarily placed in a world-readable local directory, making them accessible to unauthorized users on the same machine. This vulnerability affects versions 2.0.12 through 4.2.0 on Linux and macOS. Snowflake fixed the issue in version 4.3.0.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    References
    Impacted products
    Vendor Product Version
    snowflakedb snowflake-connector-net Affected: >= 2.0.12, < 4.3.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24788",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-31T16:55:00.666174Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-31T16:55:14.494Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "snowflake-connector-net",
              "vendor": "snowflakedb",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.0.12,  \u003c 4.3.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "snowflake-connector-net is the Snowflake Connector for .NET. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for .NET in which files downloaded from stages are temporarily placed in a world-readable local directory, making them accessible to unauthorized users on the same machine. This vulnerability affects versions 2.0.12 through 4.2.0 on Linux and macOS. Snowflake fixed the issue in version 4.3.0."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276: Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-29T20:19:16.428Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/snowflakedb/snowflake-connector-net/security/advisories/GHSA-2mqw-rq5m-8hc8",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/snowflakedb/snowflake-connector-net/security/advisories/GHSA-2mqw-rq5m-8hc8"
            },
            {
              "name": "https://github.com/snowflakedb/snowflake-connector-net/commit/89d91e8316ca213c5d184bcf469ed93977a5edf9",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/snowflakedb/snowflake-connector-net/commit/89d91e8316ca213c5d184bcf469ed93977a5edf9"
            }
          ],
          "source": {
            "advisory": "GHSA-2mqw-rq5m-8hc8",
            "discovery": "UNKNOWN"
          },
          "title": "Snowflake Connector for .NET has weak temporary files permissions"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-24788",
        "datePublished": "2025-01-29T20:19:16.428Z",
        "dateReserved": "2025-01-23T17:11:35.836Z",
        "dateUpdated": "2025-01-31T16:55:14.494Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-51662 (GCVE-0-2023-51662)

    Vulnerability from cvelistv5 – Published: 2023-12-22 16:27 – Updated: 2024-08-02 22:40
    VLAI
    Title
    Snowflake Connector .NET does not properly check the Certificate Revocation List (CRL)
    Summary
    The Snowflake .NET driver provides an interface to the Microsoft .NET open source software framework for developing applications. Snowflake recently received a report about a vulnerability in the Snowflake Connector .NET where the checks against the Certificate Revocation List (CRL) were not performed where the insecureMode flag was set to false, which is the default setting. The vulnerability affects versions between 2.0.25 and 2.1.4 (inclusive). Snowflake fixed the issue in version 2.1.5.
    CWE
    • CWE-295 - Improper Certificate Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    snowflakedb snowflake-connector-net Affected: >= 2.0.25, <= 2.1.4
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T22:40:34.244Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://github.com/snowflakedb/snowflake-connector-net/security/advisories/GHSA-hwcc-4cv8-cf3h",
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/snowflakedb/snowflake-connector-net/security/advisories/GHSA-hwcc-4cv8-cf3h"
              },
              {
                "name": "https://docs.snowflake.com/release-notes/clients-drivers/dotnet-2023#version-2-1-5-december-18-2023",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://docs.snowflake.com/release-notes/clients-drivers/dotnet-2023#version-2-1-5-december-18-2023"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "snowflake-connector-net",
              "vendor": "snowflakedb",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.0.25, \u003c= 2.1.4"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Snowflake .NET driver provides an interface to the Microsoft .NET open source software framework for developing applications. Snowflake recently received a report about a vulnerability in the Snowflake Connector .NET where the checks against the Certificate Revocation List (CRL) were not performed where the insecureMode flag was set to false, which is the default setting. The vulnerability affects versions between 2.0.25 and 2.1.4 (inclusive). Snowflake fixed the issue in version 2.1.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-295",
                  "description": "CWE-295: Improper Certificate Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-22T16:27:05.209Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/snowflakedb/snowflake-connector-net/security/advisories/GHSA-hwcc-4cv8-cf3h",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/snowflakedb/snowflake-connector-net/security/advisories/GHSA-hwcc-4cv8-cf3h"
            },
            {
              "name": "https://docs.snowflake.com/release-notes/clients-drivers/dotnet-2023#version-2-1-5-december-18-2023",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://docs.snowflake.com/release-notes/clients-drivers/dotnet-2023#version-2-1-5-december-18-2023"
            }
          ],
          "source": {
            "advisory": "GHSA-hwcc-4cv8-cf3h",
            "discovery": "UNKNOWN"
          },
          "title": "Snowflake Connector .NET does not properly check the Certificate Revocation List (CRL)"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2023-51662",
        "datePublished": "2023-12-22T16:27:05.209Z",
        "dateReserved": "2023-12-21T14:14:26.224Z",
        "dateUpdated": "2024-08-02T22:40:34.244Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-34230 (GCVE-0-2023-34230)

    Vulnerability from cvelistv5 – Published: 2023-06-08 20:29 – Updated: 2025-01-06 19:28
    VLAI
    Title
    Snowflake Connector vulnerable to Command Injection
    Summary
    snowflake-connector-net, the Snowflake Connector for .NET, is vulnerable to command injection prior to version 2.0.18 via SSO URL authentication. In order to exploit the potential for command injection, an attacker would need to be successful in (1) establishing a malicious resource and (2) redirecting users to utilize the resource. The attacker could set up a malicious, publicly accessible server which responds to the SSO URL with an attack payload. If the attacker then tricked a user into visiting the maliciously crafted connection URL, the user’s local machine would render the malicious payload, leading to a remote code execution. This attack scenario can be mitigated through URL whitelisting as well as common anti-phishing resources. Version 2.0.18 fixes this issue.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    References
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:01:54.245Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://github.com/snowflakedb/snowflake-connector-net/security/advisories/GHSA-223g-8w3x-98wr",
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/snowflakedb/snowflake-connector-net/security/advisories/GHSA-223g-8w3x-98wr"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-34230",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-06T19:28:12.163189Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-06T19:28:28.779Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "snowflake-connector-net",
              "vendor": "snowflakedb",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.0.18"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "snowflake-connector-net, the Snowflake Connector for .NET, is vulnerable to command injection prior to version 2.0.18 via SSO URL authentication. In order to exploit the potential for command injection, an attacker would need to be successful in (1) establishing a malicious resource and (2) redirecting users to utilize the resource. The attacker could set up a malicious, publicly accessible server which responds to the SSO URL with an attack payload. If the attacker then tricked a user into visiting the maliciously crafted connection URL, the user\u2019s local machine would render the malicious payload, leading to a remote code execution. This attack scenario can be mitigated through URL whitelisting as well as common anti-phishing resources. Version 2.0.18 fixes this issue."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-08T20:29:50.429Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/snowflakedb/snowflake-connector-net/security/advisories/GHSA-223g-8w3x-98wr",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/snowflakedb/snowflake-connector-net/security/advisories/GHSA-223g-8w3x-98wr"
            }
          ],
          "source": {
            "advisory": "GHSA-223g-8w3x-98wr",
            "discovery": "UNKNOWN"
          },
          "title": "Snowflake Connector vulnerable to Command Injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2023-34230",
        "datePublished": "2023-06-08T20:29:50.429Z",
        "dateReserved": "2023-05-31T13:51:51.168Z",
        "dateUpdated": "2025-01-06T19:28:28.779Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }