=====================================================================
CERT-Renater Information Note No. 2025/VULN059
_____________________________________________________________________

DATE : 30/01/2025
HARDWARE PLATFORM(S): /
OPERATING SYSTEM(S): Systems running Snowflake Connector for Python versions prior to 3.13.1.
=====================================================================

https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv
https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx
https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43
_____________________________________________________________________

SQL Injection in write_pandas
Severity: High
sfc-gh-fochnik published GHSA-2vpq-fh52-j3wv on Jan 29, 2025

Package:           snowflake-connector-python (pip)
Affected versions: >= 2.2.5, <= 3.13.0
Patched versions:  3.13.1

Description

Issue
Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. A function from the snowflake.connector.pandas_tools module is vulnerable to SQL injection. This vulnerability affects versions 2.2.5 through 3.13.0. Snowflake fixed the issue in version 3.13.1.

Vulnerability Details
A function from the snowflake.connector.pandas_tools module does not sanitize all of its arguments, and the queries built from them are not parametrized. An attacker controlling these arguments could achieve SQL injection by passing crafted input. Any SQL executed that way would still run in the context of the current session, with that session's privileges.

Solution
Snowflake released version 3.13.1 of the Snowflake Connector for Python, which fixes this issue. We recommend users upgrade to version 3.13.1.
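The injection class described above (a caller-controlled identifier spliced unquoted into generated SQL, with the resulting statement running in the current session) is shown below against an in-memory SQLite database standing in for the warehouse session. This is an added example, not code from snowflake-connector-python or from write_pandas: the functions quote_identifier, build_insert_vulnerable, build_insert_safe and run_comparison are hypothetical names, and the "secrets" table and the crafted table name are constructed for the demonstration. The fix it shows is the standard SQL quoting rule for identifiers (wrap in double quotes, double any embedded double quote), which values bound through placeholders do not need because the driver handles those.

```python
"""Added example, not code from snowflake-connector-python: why an
unquoted identifier in generated SQL is an injection sink, and the
quoting rule that closes it. All names are hypothetical; the 'secrets'
table and the crafted table name are constructed for the demonstration."""
from __future__ import annotations

import sqlite3


def quote_identifier(name: str) -> str:
    """Make an arbitrary string exactly one SQL identifier (ANSI rule):
    wrap in double quotes and double any embedded double quote. Whatever
    the string contains, the parser now sees a single name."""
    if "\x00" in name:
        raise ValueError("NUL byte in identifier")
    return '"' + name.replace('"', '""') + '"'


def build_insert_vulnerable(table_name: str, columns: list[str]) -> str:
    """Naive builder: identifiers are spliced verbatim, so a caller-supplied
    name can change the shape of the statement, not just a value in it."""
    col_list = ", ".join(columns)
    placeholders = ", ".join("?" for _ in columns)
    return f"INSERT INTO {table_name} ({col_list}) VALUES ({placeholders})"


def build_insert_safe(table_name: str, columns: list[str]) -> str:
    """Hardened builder: every identifier is quoted; row values still go
    through bound placeholders, which the driver escapes for us."""
    col_list = ", ".join(quote_identifier(c) for c in columns)
    placeholders = ", ".join("?" for _ in columns)
    return (f"INSERT INTO {quote_identifier(table_name)} "
            f"({col_list}) VALUES ({placeholders})")


def run_comparison() -> dict:
    """Constructed scenario: an in-memory SQLite session holding a 'secrets'
    table stands in for the warehouse session. The same crafted table name
    is fed to both builders."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE secrets (secret TEXT)")
    conn.execute("INSERT INTO secrets VALUES ('s3cr3t')")
    conn.execute("CREATE TABLE sink (a TEXT)")
    conn.execute("CREATE TABLE legit (a TEXT)")

    # Crafted name: rewrites INSERT ... VALUES into INSERT ... SELECT and
    # comments out the rest, so no placeholder is left to bind.
    crafted = "sink (a) SELECT secret FROM secrets --"

    vulnerable_sql = build_insert_vulnerable(crafted, ["a"])
    conn.execute(vulnerable_sql)  # runs with the session's own privileges
    leaked = [row[0] for row in conn.execute("SELECT a FROM sink")]

    safe_sql = build_insert_safe(crafted, ["a"])
    try:
        conn.execute(safe_sql, ("x",))
        safe_blocked = False
    except sqlite3.Error:  # "no such table": the whole string is one name
        safe_blocked = True

    # The hardened builder still works for an ordinary table name.
    conn.execute(build_insert_safe("legit", ["a"]), ("hello",))
    legit_count = conn.execute("SELECT COUNT(*) FROM legit").fetchone()[0]
    conn.close()
    return {
        "vulnerable_sql": vulnerable_sql,
        "leaked_rows": leaked,
        "safe_sql": safe_sql,
        "safe_blocked": safe_blocked,
        "legit_count": legit_count,
    }


if __name__ == "__main__":
    for key, value in run_comparison().items():
        print(f"{key}: {value}")
```

The point of the comparison is the `leaked_rows` result: the naive builder let a table name copy data from another table in the same session, exactly the "runs in the context of the current session" impact the advisory describes, while the quoted form turned the same string into a single nonexistent table name and failed closed.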
_____________________________________________________________________

Insecure deserialization of the OCSP response cache
Severity: Moderate
sfc-gh-fochnik published GHSA-m4f6-vcj4-w5mx on Jan 29, 2025

Package:           snowflake-connector-python (pip)
Affected versions: >= 2.7.12, <= 3.13.0
Patched versions:  3.13.1

Description

Issue
Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. The OCSP response cache uses pickle as the serialization format, potentially leading to local privilege escalation. This vulnerability affects versions 2.7.12 through 3.13.0. Snowflake fixed the issue in version 3.13.1.

Vulnerability Details
The OCSP response cache is saved locally on the machine running the Connector using the pickle serialization format. This can potentially lead to local privilege escalation if an attacker has write access to the OCSP response cache file.

Solution
Snowflake released version 3.13.1 of the Snowflake Connector for Python, which fixes this issue. We recommend users upgrade to version 3.13.1.

Additional Information
If you discover a security vulnerability in one of our products or websites, please report the issue to HackerOne. For more information, please see our Vulnerability Disclosure Policy.

Severity: Moderate, 6.7 / 10
CVSS v3 base metrics
  Attack vector:       Local
  Attack complexity:   Low
  Privileges required: High
  User interaction:    None
  Scope:               Unchanged
  Confidentiality:     High
  Integrity:           High
  Availability:        High
  Vector:              CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE ID:     CVE-2025-24794
Weaknesses: CWE-502
_____________________________________________________________________

Insecure cache files permissions
Severity: Moderate
sfc-gh-fochnik published GHSA-r2x6-cjg7-8r43 on Jan 29, 2025

Package:           snowflake-connector-python (pip)
Affected versions: >= 2.3.7, <= 3.13.0
Patched versions:  3.13.1

Description

Issue
Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python.
On Linux systems, when temporary credential caching is enabled, the Snowflake Connector for Python will cache temporary credentials locally in a world-readable file. This vulnerability affects versions 2.3.7 through 3.13.0. Snowflake fixed the issue in version 3.13.1.

Vulnerability Details
On Linux, when either EXTERNALBROWSER or USERNAME_PASSWORD_MFA authentication methods are used with temporary credential caching enabled, the Snowflake Connector for Python will cache the temporary credentials in a local file. In the vulnerable versions of the Driver, this file is created with world-readable permissions.

Solution
Snowflake released version 3.13.1 of the Snowflake Connector for Python, which fixes this issue. We recommend users upgrade to version 3.13.1.

Additional Information
If you discover a security vulnerability in one of our products or websites, please report the issue to HackerOne. For more information, please see our Vulnerability Disclosure Policy.

Severity: Moderate, 4.4 / 10
CVSS v3 base metrics
  Attack vector:       Local
  Attack complexity:   Low
  Privileges required: Low
  User interaction:    None
  Scope:               Unchanged
  Confidentiality:     Low
  Integrity:           Low
  Availability:        None
  Vector:              CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CVE ID:     CVE-2025-24795
Weaknesses: CWE-276

=========================================================
+ CERT-RENATER        | tel : 01-53-94-20-44            +
+ 23/25 Rue Daviel    | fax : 01-53-94-20-41            +
+ 75013 Paris         | email : cert@support.renater.fr +
=========================================================
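The two cache findings above (GHSA-m4f6-vcj4-w5mx, a pickle-serialized cache that another local user with write access could tamper with, and GHSA-r2x6-cjg7-8r43, a credential cache created world-readable) share one defensive pattern: a local cache should be written with owner-only permissions from its first byte, stored in a format whose parser cannot execute code, and checked before it is trusted. The block below is an added example, not Snowflake's code and not how the connector implements its caches: write_cache, load_cache, audit_cache_file and self_check are hypothetical names, the cache contents are a constructed placeholder, and audit_cache_file is also usable on its own to check an existing cache file's mode and owner on a Linux host.

```python
"""Added example, not code from snowflake-connector-python: a local cache
written as JSON (not pickle) with mode 0600 from creation, plus an audit
helper that flags a cache file readable by others or owned by someone
else. All names are hypothetical; the cached content is a constructed
placeholder."""
from __future__ import annotations

import json
import os
import stat
import tempfile


def write_cache(path: str, data: dict) -> None:
    """Create the file with mode 0600 via os.open (umask can only tighten
    it), then rename into place so readers never see a partial file."""
    tmp = path + ".tmp"
    fd = os.open(tmp, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    try:
        with os.fdopen(fd, "w", encoding="utf-8") as f:
            json.dump(data, f)  # JSON: parsing it cannot execute code
    except BaseException:
        os.unlink(tmp)
        raise
    os.replace(tmp, path)


def audit_cache_file(path: str) -> list[str]:
    """Return findings for an existing cache file; empty means it looks
    safe to load. Uses lstat so a symlink planted at the path is noticed."""
    findings: list[str] = []
    st = os.lstat(path)
    if not stat.S_ISREG(st.st_mode):
        findings.append("not a regular file (symlink or device)")
    if st.st_mode & 0o077:
        findings.append("mode %o grants group/world access" % (st.st_mode & 0o777))
    if hasattr(os, "getuid") and st.st_uid != os.getuid():
        findings.append("owned by uid %d, not the current user" % st.st_uid)
    return findings


def load_cache(path: str) -> dict:
    """Refuse to load a cache another local user could have read or
    written; refuse pickle streams outright (protocol >= 2 starts with
    0x80, and json.load rejects the older text protocols anyway)."""
    findings = audit_cache_file(path)
    if findings:
        raise PermissionError("; ".join(findings))
    with open(path, "rb") as f:
        if f.read(1) == b"\x80":
            raise ValueError("cache looks like a pickle stream, refusing to load")
    with open(path, encoding="utf-8") as f:
        return json.load(f)


def self_check() -> dict:
    """Constructed scenario in a temp dir: write and read back a cache,
    then loosen the mode to 0644 (world-readable, as in the affected
    versions) and show that the audit flags it and the loader refuses."""
    workdir = tempfile.mkdtemp()
    path = os.path.join(workdir, "credential_cache.json")
    write_cache(path, {"token": "constructed-placeholder"})
    result = {
        "mode": oct(os.stat(path).st_mode & 0o777),
        "roundtrip": load_cache(path),
        "findings_clean": audit_cache_file(path),
    }
    os.chmod(path, 0o644)
    result["findings_loose"] = audit_cache_file(path)
    try:
        load_cache(path)
        result["loose_load_refused"] = False
    except PermissionError:
        result["loose_load_refused"] = True
    return result


if __name__ == "__main__":
    for key, value in self_check().items():
        print(f"{key}: {value}")
```

The audit step is the operationally useful part for the fleet: running `audit_cache_file` over the cache paths on hosts that used the affected versions tells you which files were left world-readable and should be removed or re-created after the upgrade to 3.13.1.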