Количество 2
Количество 2
CVE-2025-24794
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. The OCSP response cache uses pickle as the serialization format, potentially leading to local privilege escalation. This vulnerability affects versions 2.7.12 through 3.13.0. Snowflake fixed the issue in version 3.13.1.
GHSA-m4f6-vcj4-w5mx
snowflake-connector-python vulnerable to insecure deserialization of the OCSP response cache
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-24794 The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. The OCSP response cache uses pickle as the serialization format, potentially leading to local privilege escalation. This vulnerability affects versions 2.7.12 through 3.13.0. Snowflake fixed the issue in version 3.13.1. | CVSS3: 6.7 | 0% Низкий | около 1 года назад |
| GHSA-m4f6-vcj4-w5mx snowflake-connector-python vulnerable to insecure deserialization of the OCSP response cache | CVSS3: 6.7 | 0% Низкий | около 1 года назад |
Уязвимостей на страницу