Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/net.snowflake/snowflake-jdbc@3.12.14
Typemaven
Namespacenet.snowflake
Namesnowflake-jdbc
Version3.12.14
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.0.2
Latest_non_vulnerable_version4.0.2
Affected_by_vulnerabilities
0
url VCID-7634-ughv-p3e4
vulnerability_id VCID-7634-ughv-p3e4
summary Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. On Linux systems, when temporary credential caching is enabled, the Snowflake JDBC Driver will cache temporary credentials locally in a world-readable file. This vulnerability affects versions 3.6.8 through 3.21.0. Snowflake fixed the issue in version 3.22.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-24790
reference_id
reference_type
scores
0
value 0.00088
scoring_system epss
scoring_elements 0.25151
published_at 2026-06-11T12:55:00Z
1
value 0.00088
scoring_system epss
scoring_elements 0.25366
published_at 2026-06-13T12:55:00Z
2
value 0.00088
scoring_system epss
scoring_elements 0.25349
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-24790
1
reference_url https://github.com/snowflakedb/snowflake-jdbc
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/snowflakedb/snowflake-jdbc
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-24790
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-24790
3
reference_url https://github.com/snowflakedb/snowflake-jdbc/commit/9e1a5acf12406b16c4780ca013f4c4db48b74b59
reference_id 9e1a5acf12406b16c4780ca013f4c4db48b74b59
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-29T18:00:01Z/
url https://github.com/snowflakedb/snowflake-jdbc/commit/9e1a5acf12406b16c4780ca013f4c4db48b74b59
4
reference_url https://github.com/advisories/GHSA-33g6-495w-v8j2
reference_id GHSA-33g6-495w-v8j2
reference_type
scores
url https://github.com/advisories/GHSA-33g6-495w-v8j2
5
reference_url https://github.com/snowflakedb/snowflake-jdbc/security/advisories/GHSA-33g6-495w-v8j2
reference_id GHSA-33g6-495w-v8j2
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-29T18:00:01Z/
url https://github.com/snowflakedb/snowflake-jdbc/security/advisories/GHSA-33g6-495w-v8j2
fixed_packages
0
url pkg:maven/net.snowflake/snowflake-jdbc@3.22.0
purl pkg:maven/net.snowflake/snowflake-jdbc@3.22.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-x1s8-w62k-vkec
1
vulnerability VCID-zz6x-xdq1-zyer
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/net.snowflake/snowflake-jdbc@3.22.0
aliases CVE-2025-24790, GHSA-33g6-495w-v8j2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7634-ughv-p3e4
1
url VCID-bpvn-pujr-muh9
vulnerability_id VCID-bpvn-pujr-muh9
summary Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Users of the Snowflake JDBC driver were vulnerable to a command injection vulnerability. An attacker could set up a malicious, publicly accessible server which responds to the SSO URL with an attack payload. If the attacker then tricked a user into visiting the maliciously crafted connection URL, the user’s local machine would render the malicious payload, leading to a remote code execution. The vulnerability was patched on March 17, 2023 as part of Snowflake JDBC driver Version 3.13.29. All users should immediately upgrade the Snowflake JDBC driver to the latest version: 3.13.29.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-30535
reference_id
reference_type
scores
0
value 0.02136
scoring_system epss
scoring_elements 0.84565
published_at 2026-06-11T12:55:00Z
1
value 0.02136
scoring_system epss
scoring_elements 0.84629
published_at 2026-06-13T12:55:00Z
2
value 0.02136
scoring_system epss
scoring_elements 0.84619
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-30535
1
reference_url https://github.com/snowflakedb/snowflake-jdbc
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/snowflakedb/snowflake-jdbc
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-30535
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-30535
3
reference_url https://github.com/advisories/GHSA-4g3j-c4wg-6j7x
reference_id GHSA-4g3j-c4wg-6j7x
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4g3j-c4wg-6j7x
4
reference_url https://github.com/snowflakedb/snowflake-jdbc/security/advisories/GHSA-4g3j-c4wg-6j7x
reference_id GHSA-4g3j-c4wg-6j7x
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T18:41:14Z/
url https://github.com/snowflakedb/snowflake-jdbc/security/advisories/GHSA-4g3j-c4wg-6j7x
5
reference_url https://community.snowflake.com/s/article/JDBC-Driver-Release-Notes
reference_id JDBC-Driver-Release-Notes
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T18:41:14Z/
url https://community.snowflake.com/s/article/JDBC-Driver-Release-Notes
fixed_packages
0
url pkg:maven/net.snowflake/snowflake-jdbc@3.13.29
purl pkg:maven/net.snowflake/snowflake-jdbc@3.13.29
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7634-ughv-p3e4
1
vulnerability VCID-ku9q-ey2f-3fdq
2
vulnerability VCID-u9e8-yuq2-f3bk
3
vulnerability VCID-x1s8-w62k-vkec
4
vulnerability VCID-zz6x-xdq1-zyer
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/net.snowflake/snowflake-jdbc@3.13.29
aliases CVE-2023-30535, GHSA-4g3j-c4wg-6j7x
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bpvn-pujr-muh9
2
url VCID-ku9q-ey2f-3fdq
vulnerability_id VCID-ku9q-ey2f-3fdq
summary Snowflake JDBC driver versions >= 3.2.6 and <= 3.19.1 have an Incorrect Security Setting that can result in data being uploaded to an encrypted stage without the additional layer of protection provided by client side encryption.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-43382
reference_id
reference_type
scores
0
value 0.00205
scoring_system epss
scoring_elements 0.42885
published_at 2026-06-13T12:55:00Z
1
value 0.00205
scoring_system epss
scoring_elements 0.42705
published_at 2026-06-11T12:55:00Z
2
value 0.00205
scoring_system epss
scoring_elements 0.42865
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-43382
1
reference_url https://github.com/snowflakedb/snowflake-jdbc
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/snowflakedb/snowflake-jdbc
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-43382
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-43382
3
reference_url https://github.com/advisories/GHSA-f686-hw9c-xw9c
reference_id GHSA-f686-hw9c-xw9c
reference_type
scores
url https://github.com/advisories/GHSA-f686-hw9c-xw9c
4
reference_url https://github.com/snowflakedb/snowflake-jdbc/security/advisories/GHSA-f686-hw9c-xw9c
reference_id GHSA-f686-hw9c-xw9c
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-31T14:08:18Z/
url https://github.com/snowflakedb/snowflake-jdbc/security/advisories/GHSA-f686-hw9c-xw9c
fixed_packages
0
url pkg:maven/net.snowflake/snowflake-jdbc@3.20.0
purl pkg:maven/net.snowflake/snowflake-jdbc@3.20.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7634-ughv-p3e4
1
vulnerability VCID-u9e8-yuq2-f3bk
2
vulnerability VCID-x1s8-w62k-vkec
3
vulnerability VCID-zz6x-xdq1-zyer
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/net.snowflake/snowflake-jdbc@3.20.0
aliases CVE-2024-43382, GHSA-f686-hw9c-xw9c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ku9q-ey2f-3fdq
3
url VCID-u9e8-yuq2-f3bk
vulnerability_id VCID-u9e8-yuq2-f3bk
summary Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. When the EXTERNALBROWSER authentication method is used on Windows, an attacker with write access to a directory in the %PATH% can escalate their privileges to the user that runs the vulnerable JDBC Driver version. This vulnerability affects versions 3.2.3 through 3.21.0 on Windows. Snowflake fixed the issue in version 3.22.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-24789
reference_id
reference_type
scores
0
value 0.00154
scoring_system epss
scoring_elements 0.35887
published_at 2026-06-11T12:55:00Z
1
value 0.00154
scoring_system epss
scoring_elements 0.3609
published_at 2026-06-13T12:55:00Z
2
value 0.00154
scoring_system epss
scoring_elements 0.36067
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-24789
1
reference_url https://github.com/snowflakedb/snowflake-jdbc
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/snowflakedb/snowflake-jdbc
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-24789
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-24789
3
reference_url https://github.com/snowflakedb/snowflake-jdbc/commit/4f01bb8f9b708c71e7a2111c87371dbfc1d53dd6
reference_id 4f01bb8f9b708c71e7a2111c87371dbfc1d53dd6
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-29T18:01:39Z/
url https://github.com/snowflakedb/snowflake-jdbc/commit/4f01bb8f9b708c71e7a2111c87371dbfc1d53dd6
4
reference_url https://github.com/advisories/GHSA-7hpq-3g6w-pvhf
reference_id GHSA-7hpq-3g6w-pvhf
reference_type
scores
url https://github.com/advisories/GHSA-7hpq-3g6w-pvhf
5
reference_url https://github.com/snowflakedb/snowflake-jdbc/security/advisories/GHSA-7hpq-3g6w-pvhf
reference_id GHSA-7hpq-3g6w-pvhf
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-29T18:01:39Z/
url https://github.com/snowflakedb/snowflake-jdbc/security/advisories/GHSA-7hpq-3g6w-pvhf
fixed_packages
0
url pkg:maven/net.snowflake/snowflake-jdbc@3.22.0
purl pkg:maven/net.snowflake/snowflake-jdbc@3.22.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-x1s8-w62k-vkec
1
vulnerability VCID-zz6x-xdq1-zyer
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/net.snowflake/snowflake-jdbc@3.22.0
aliases CVE-2025-24789, GHSA-7hpq-3g6w-pvhf
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u9e8-yuq2-f3bk
4
url VCID-x1s8-w62k-vkec
vulnerability_id VCID-x1s8-w62k-vkec
summary Snowflake, a platform for using artificial intelligence in the context of cloud computing, has a vulnerability in the Snowflake JDBC driver ("Driver") in versions 3.0.13 through 3.23.0 of the driver. When the logging level was set to DEBUG, the Driver would log locally the client-side encryption master key of the target stage during the execution of GET/PUT commands. This key by itself does not grant access to any sensitive data without additional access authorizations, and is not logged server-side by Snowflake. Snowflake fixed the issue in version 3.23.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-27496
reference_id
reference_type
scores
0
value 0.00114
scoring_system epss
scoring_elements 0.29646
published_at 2026-06-11T12:55:00Z
1
value 0.00114
scoring_system epss
scoring_elements 0.29861
published_at 2026-06-13T12:55:00Z
2
value 0.00114
scoring_system epss
scoring_elements 0.29843
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-27496
1
reference_url https://github.com/snowflakedb/snowflake-jdbc
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/snowflakedb/snowflake-jdbc
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-27496
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-27496
3
reference_url https://github.com/snowflakedb/snowflake-jdbc/commit/ef81582ce2f1dbc3c8794a696c94f4fe65fad507
reference_id ef81582ce2f1dbc3c8794a696c94f4fe65fad507
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-13T19:50:46Z/
url https://github.com/snowflakedb/snowflake-jdbc/commit/ef81582ce2f1dbc3c8794a696c94f4fe65fad507
4
reference_url https://github.com/advisories/GHSA-q298-375f-5q63
reference_id GHSA-q298-375f-5q63
reference_type
scores
url https://github.com/advisories/GHSA-q298-375f-5q63
5
reference_url https://github.com/snowflakedb/snowflake-jdbc/security/advisories/GHSA-q298-375f-5q63
reference_id GHSA-q298-375f-5q63
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-13T19:50:46Z/
url https://github.com/snowflakedb/snowflake-jdbc/security/advisories/GHSA-q298-375f-5q63
fixed_packages
0
url pkg:maven/net.snowflake/snowflake-jdbc@3.23.1
purl pkg:maven/net.snowflake/snowflake-jdbc@3.23.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zz6x-xdq1-zyer
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/net.snowflake/snowflake-jdbc@3.23.1
aliases CVE-2025-27496, GHSA-q298-375f-5q63
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x1s8-w62k-vkec
5
url VCID-zz6x-xdq1-zyer
vulnerability_id VCID-zz6x-xdq1-zyer
summary A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. Executing a manipulation of the argument nonProxyHosts can lead to inefficient regular expression complexity. The attack can only be executed locally. The exploit has been made available to the public and could be used for attacks. This patch is called 5fb0a8a318a2ed87f4022a1f56e742424ba94052. A patch should be applied to remediate this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3293.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3293.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-3293
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02315
published_at 2026-06-13T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.0232
published_at 2026-06-12T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02322
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-3293
2
reference_url https://github.com/snowflakedb/snowflake-jdbc
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 1.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/snowflakedb/snowflake-jdbc
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2443274
reference_id 2443274
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2443274
4
reference_url https://github.com/snowflakedb/snowflake-jdbc/issues/2505
reference_id 2505
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
4
value 1.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
5
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
6
value LOW
scoring_system generic_textual
scoring_elements
7
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-27T18:53:28Z/
url https://github.com/snowflakedb/snowflake-jdbc/issues/2505
5
reference_url https://github.com/snowflakedb/snowflake-jdbc/issues/2505#issue-3951994646
reference_id 2505#issue-3951994646
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
3
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
4
value 1.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
5
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
6
value LOW
scoring_system generic_textual
scoring_elements
7
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-27T18:53:28Z/
url https://github.com/snowflakedb/snowflake-jdbc/issues/2505#issue-3951994646
6
reference_url https://github.com/snowflakedb/snowflake-jdbc/commit/5fb0a8a318a2ed87f4022a1f56e742424ba94052
reference_id 5fb0a8a318a2ed87f4022a1f56e742424ba94052
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
4
value 1.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
5
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
6
value LOW
scoring_system generic_textual
scoring_elements
7
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-27T18:53:28Z/
url https://github.com/snowflakedb/snowflake-jdbc/commit/5fb0a8a318a2ed87f4022a1f56e742424ba94052
7
reference_url https://vuldb.com/?ctiid.348035
reference_id ?ctiid.348035
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
4
value 1.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
5
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
6
value LOW
scoring_system generic_textual
scoring_elements
7
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-27T18:53:28Z/
url https://vuldb.com/?ctiid.348035
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-3293
reference_id CVE-2026-3293
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 1.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-3293
9
reference_url https://github.com/advisories/GHSA-gx6c-pv62-9mcf
reference_id GHSA-gx6c-pv62-9mcf
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gx6c-pv62-9mcf
10
reference_url https://vuldb.com/?id.348035
reference_id ?id.348035
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
4
value 1.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
5
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
6
value LOW
scoring_system generic_textual
scoring_elements
7
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-27T18:53:28Z/
url https://vuldb.com/?id.348035
11
reference_url https://snowflakecomputing.atlassian.net/browse/SNOW-3104251
reference_id SNOW-3104251
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
3
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
4
value 1.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
5
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
6
value LOW
scoring_system generic_textual
scoring_elements
7
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-27T18:53:28Z/
url https://snowflakecomputing.atlassian.net/browse/SNOW-3104251
12
reference_url https://github.com/snowflakedb/snowflake-jdbc/
reference_id snowflake-jdbc
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
3
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-27T18:53:28Z/
url https://github.com/snowflakedb/snowflake-jdbc/
13
reference_url https://vuldb.com/?submit.760428
reference_id ?submit.760428
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
3
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
4
value 1.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
5
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
6
value LOW
scoring_system generic_textual
scoring_elements
7
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-27T18:53:28Z/
url https://vuldb.com/?submit.760428
fixed_packages
0
url pkg:maven/net.snowflake/snowflake-jdbc@4.0.2
purl pkg:maven/net.snowflake/snowflake-jdbc@4.0.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/net.snowflake/snowflake-jdbc@4.0.2
aliases CVE-2026-3293, GHSA-gx6c-pv62-9mcf
risk_score 2.1
exploitability 0.5
weighted_severity 4.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zz6x-xdq1-zyer
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/net.snowflake/snowflake-jdbc@3.12.14