Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-mjw2-v2hm-wj34
  • PyPI/dagster
  • PyPI/dagster-deltalake
  • PyPI/dagster-duckdb
  • PyPI/dagster-gcp
  • PyPI/dagster-snowflake
  • ... 1 more
 Dagster Vulnerable to SQL Injection via Dynamic Partition Keys in Database I/O Manager Integrations 3 days ago
  • Fix available
  • Severity - 8.3 (High)
MAL-2026-2109
  • PyPI/pyregions-snowflake
 Malicious code in pyregions-snowflake (PyPI) 23 Mar
  • No fix available
GHSA-9r64-3wmc-x8m8
  • PyPI/apache-airflow-providers-snowflake
 Apache Airflow Providers Snowflake package allows for Special Element Injection via CopyFromExternalStageToSnowflakeOperator 26 Jun 2025
  • Fix available
  • Severity - 9.8 (Critical)
PYSEC-2025-51
  • PyPI/apache-airflow-providers-snowflake
 See record for full details 24 Jun 2025
  • Fix available
PYSEC-2025-26
  • PyPI/snowflake-connector-python
  • github.com/snowflakedb/snowflake-connector-python
 See record for full details 29 Jan 2025
  • Fix available
PYSEC-2025-27
  • PyPI/snowflake-connector-python
  • github.com/snowflakedb/snowflake-connector-python
 See record for full details 29 Jan 2025
  • Fix available
PYSEC-2025-28
  • PyPI/snowflake-connector-python
  • github.com/snowflakedb/snowflake-connector-python
 See record for full details 29 Jan 2025
  • Fix available
GHSA-2vpq-fh52-j3wv
  • PyPI/snowflake-connector-python
 snowflake-connector-python vulnerable to SQL Injection in write_pandas 29 Jan 2025
  • Fix available
  • Severity - 7.0 (High)
GHSA-m4f6-vcj4-w5mx
  • PyPI/snowflake-connector-python
 snowflake-connector-python vulnerable to insecure deserialization of the OCSP response cache 29 Jan 2025
  • Fix available
  • Severity - 6.7 (Medium)
GHSA-r2x6-cjg7-8r43
  • PyPI/snowflake-connector-python
 snowflake-connector-python vulnerable to insecure cache files permissions 29 Jan 2025
  • Fix available
  • Severity - 4.4 (Medium)
GHSA-5vvg-pvhp-hv2m
  • PyPI/snowflake-connector-python
 The Snowflake Connector for Python stores sensitive data in logs 24 Oct 2024
  • Fix available
  • Severity - 5.5 (Medium)
PYSEC-2024-191
  • PyPI/snowflake-connector-python
  • github.com/snowflakedb/snowflake-connector-python
 See record for full details 24 Oct 2024
  • Fix available
  • Severity - 5.5 (Medium)
GHSA-5w5m-pfw9-c8fp
  • PyPI/snowflake-connector-python
 Snowflake Python Connector vulnerable to Command Injection 09 Jun 2023
  • Fix available
  • Severity - 8.5 (High)
PYSEC-2023-88
  • PyPI/snowflake-connector-python
  • github.com/snowflakedb/snowflake-connector-python
 See record for full details 08 Jun 2023
  • Fix available
GHSA-4r6j-fwcx-94cf
  • PyPI/snowflake-connector-python
 snowflake-connector-python is vulnerable to Regular Expression Denial of Service (ReDoS) 10 Nov 2022
  • Fix available
  • Severity - 5.9 (Medium)