Snowflake Snowflake Connector — known CVE vulnerabilities
Every CVE whose affected-product data names Snowflake Snowflake Connector, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2023-34233 — CVSS 8.8 (high): The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all…
CVE-2023-34230 — CVSS 7.3 (high): snowflake-connector-net, the Snowflake Connector for .NET, is vulnerable to command injection prior to version 2.0.18 via SSO URL…
CVE-2023-34232 — CVSS 7.3 (high): snowflake-connector-nodejs, a NodeJS driver for Snowflake, is vulnerable to command injection via single sign on (SSO) browser URL…
CVE-2025-24793 — CVSS 7.0 (high): The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all…
CVE-2025-24794 — CVSS 6.7 (medium): The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all…
CVE-2023-51662 — CVSS 6.0 (medium): The Snowflake .NET driver provides an interface to the Microsoft .NET open source software framework for developing applications. Snowflake…
CVE-2024-49750 — CVSS 5.5 (medium): The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all…
CVE-2025-24788 — CVSS 5.0 (medium): snowflake-connector-net is the Snowflake Connector for .NET. Snowflake discovered and remediated a vulnerability in the Snowflake Connector…
CVE-2025-24791 — CVSS 4.4 (medium): snowflake-connector-nodejs is a NodeJS driver for Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake NodeJS…
CVE-2025-24795 — CVSS 4.4 (medium): The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all…
CVE-2022-42965 — CVSS 3.7 (low): An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the snowflake-connector-python PyPI package, when an…
CVE-2025-46326 — CVSS 3.3 (low): snowflake-connector-net is the Snowflake Connector for .NET. Versions starting from 2.1.2 to before 4.4.1, are vulnerable to a…
CVE-2025-46328 — CVSS 3.3 (low): snowflake-connector-nodejs is a NodeJS driver for Snowflake. Versions starting from 1.10.0 to before 2.0.4, are vulnerable to a…