Snowflakedb Gosnowflake vulnerabilities

CVE-2025-46327 [HIGH] CWE-367 CVE-2025-46327: gosnowflake is the Snowflake Golang driver. Versions starting from 1.7.0 to before 1.13.3, are vulne gosnowflake is the Snowflake Golang driver. Versions starting from 1.7.0 to before 1.13.3, are vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition. When using the Easy Logging feature on Linux and macOS, the Driver reads logging configuration from a user-provided file. On Linux and macOS the Driver verifies that the configuration file

CVE-2023-34231 [HIGH] CWE-77 CVE-2023-34231: gosnowflake is th Snowflake Golang driver. Prior to version 1.6.19, a command injection vulnerabilit gosnowflake is th Snowflake Golang driver. Prior to version 1.6.19, a command injection vulnerability exists in the Snowflake Golang driver via single sign-on (SSO) browser URL authentication. In order to exploit the potential for command injection, an attacker would need to be successful in (1) establishing a malicious resource and (2) redirecting use