Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:pypi/snowflake-connector-python@3.13.0
purl pkg:pypi/snowflake-connector-python@3.13.0
Next non-vulnerable version 3.13.1
Latest non-vulnerable version 3.13.1
Risk
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-2amp-fxnp-43d1
Aliases:
CVE-2025-24795
GHSA-r2x6-cjg7-8r43
PYSEC-2025-28
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. On Linux systems, when temporary credential caching is enabled, the Snowflake Connector for Python will cache temporary credentials locally in a world-readable file. This vulnerability affects versions 2.3.7 through 3.13.0. Snowflake fixed the issue in version 3.13.1.
3.13.1
Affected by 0 other vulnerabilities.
VCID-t3ct-ta9k-ybgg
Aliases:
CVE-2025-24793
GHSA-2vpq-fh52-j3wv
PYSEC-2025-26
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. A function from the snowflake.connector.pandas_tools module is vulnerable to SQL injection. This vulnerability affects versions 2.2.5 through 3.13.0. Snowflake fixed the issue in version 3.13.1.
3.13.1
Affected by 0 other vulnerabilities.
VCID-xwfz-x5xq-8keg
Aliases:
CVE-2025-24794
GHSA-m4f6-vcj4-w5mx
PYSEC-2025-27
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. The OCSP response cache uses pickle as the serialization format, potentially leading to local privilege escalation. This vulnerability affects versions 2.7.12 through 3.13.0. Snowflake fixed the issue in version 3.13.1.
3.13.1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-02T04:22:46.992185+00:00 Pypa Importer Affected by VCID-2amp-fxnp-43d1 https://github.com/pypa/advisory-database/blob/main/vulns/snowflake-connector-python/PYSEC-2025-28.yaml 38.6.0
2026-06-02T04:22:46.714049+00:00 Pypa Importer Affected by VCID-t3ct-ta9k-ybgg https://github.com/pypa/advisory-database/blob/main/vulns/snowflake-connector-python/PYSEC-2025-26.yaml 38.6.0
2026-06-02T04:22:46.372609+00:00 Pypa Importer Affected by VCID-xwfz-x5xq-8keg https://github.com/pypa/advisory-database/blob/main/vulns/snowflake-connector-python/PYSEC-2025-27.yaml 38.6.0