Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:pypi/snowflake-connector-python@3.12.4
purl pkg:pypi/snowflake-connector-python@3.12.4
Next non-vulnerable version 3.13.1
Latest non-vulnerable version 3.13.1
Risk 4.0
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-5z5e-ucwv-aucw
Aliases:
CVE-2025-24795
GHSA-r2x6-cjg7-8r43
PYSEC-2025-28
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. On Linux systems, when temporary credential caching is enabled, the Snowflake Connector for Python will cache temporary credentials locally in a world-readable file. This vulnerability affects versions 2.3.7 through 3.13.0. Snowflake fixed the issue in version 3.13.1.
3.13.1
Affected by 0 other vulnerabilities.
VCID-6ked-cxsy-w3hn
Aliases:
CVE-2025-24794
GHSA-m4f6-vcj4-w5mx
PYSEC-2025-27
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. The OCSP response cache uses pickle as the serialization format, potentially leading to local privilege escalation. This vulnerability affects versions 2.7.12 through 3.13.0. Snowflake fixed the issue in version 3.13.1.
3.13.1
Affected by 0 other vulnerabilities.
VCID-ncck-322k-cych
Aliases:
CVE-2025-24793
GHSA-2vpq-fh52-j3wv
PYSEC-2025-26
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. A function from the snowflake.connector.pandas_tools module is vulnerable to SQL injection. This vulnerability affects versions 2.2.5 through 3.13.0. Snowflake fixed the issue in version 3.13.1.
3.13.1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-12T19:51:11.646498+00:00 GitLab Importer Affected by VCID-ncck-322k-cych https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/snowflake-connector-python/CVE-2025-24793.yml 38.6.0
2026-06-12T19:51:10.864249+00:00 GitLab Importer Affected by VCID-6ked-cxsy-w3hn https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/snowflake-connector-python/CVE-2025-24794.yml 38.6.0
2026-06-12T19:51:09.552825+00:00 GitLab Importer Affected by VCID-5z5e-ucwv-aucw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/snowflake-connector-python/CVE-2025-24795.yml 38.6.0
2026-06-12T04:19:55.379571+00:00 Pypa Importer Affected by VCID-5z5e-ucwv-aucw https://github.com/pypa/advisory-database/blob/main/vulns/snowflake-connector-python/PYSEC-2025-28.yaml 38.6.0
2026-06-12T04:19:55.130639+00:00 Pypa Importer Affected by VCID-ncck-322k-cych https://github.com/pypa/advisory-database/blob/main/vulns/snowflake-connector-python/PYSEC-2025-26.yaml 38.6.0
2026-06-12T04:19:54.830559+00:00 Pypa Importer Affected by VCID-6ked-cxsy-w3hn https://github.com/pypa/advisory-database/blob/main/vulns/snowflake-connector-python/PYSEC-2025-27.yaml 38.6.0
2026-06-11T21:03:52.844219+00:00 PyPI Importer Affected by VCID-ncck-322k-cych https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.6.0
2026-06-11T21:03:52.495028+00:00 PyPI Importer Affected by VCID-5z5e-ucwv-aucw https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.6.0
2026-06-11T21:03:52.208512+00:00 PyPI Importer Affected by VCID-6ked-cxsy-w3hn https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.6.0