3.23.0
8 years ago
17 days ago
Known vulnerabilities in the net.snowflake:snowflake-jdbc package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File. When the logging level is set to Note: This key by itself does not grant access to any sensitive data without additional access authorizations, and is not logged server-side by Snowflake. How to fix Insertion of Sensitive Information into Log File? Upgrade | [3.0.13,3.23.1) |
Affected versions of this package are vulnerable to Untrusted Search Path when the How to fix Untrusted Search Path? Upgrade | [3.2.3,3.22.0) |
Affected versions of this package are vulnerable to Incorrect Default Permissions on the temporary credential cache directory, handled in How to fix Incorrect Default Permissions? Upgrade | [3.6.8,3.22.0) |
Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data due to a misbounded check in the Note: AWS deployments are not vulnerable. How to fix Missing Encryption of Sensitive Data? Upgrade | [3.2.6,3.20.0) |
Affected versions of this package are vulnerable to Arbitrary Code Execution via SSO URL authentication. How to fix Arbitrary Code Execution? Upgrade | [,3.13.29) |