CVE-2024-43382
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-43382
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-43382.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-43382
- Aliases
- Related
- Published
- 2024-10-30T21:15:14Z
- Modified
- 2025-08-21T11:47:59.316776Z
- Summary
- [none]
- Details
-
Snowflake JDBC driver versions >= 3.2.6 and <= 3.19.1 have an Incorrect Security Setting that can result in data being uploaded to an encrypted stage without the additional layer of protection provided by client side encryption.
- References
Affected packages
Git / github.com/snowflakedb/snowflake-jdbc
Affected versions
3.*
3.13.21
3.13.22
v3.*
v3.10.0
v3.10.1
v3.10.2
v3.10.3
v3.11.0
v3.11.1
v3.12.0
v3.12.1
v3.12.11
v3.12.12
v3.12.14
v3.12.16
v3.12.2
v3.12.3
v3.12.4
v3.12.5
v3.12.6
v3.12.7
v3.12.9
v3.13.0
v3.13.1
v3.13.10
v3.13.12
v3.13.13
v3.13.14
v3.13.15
v3.13.16
v3.13.17
v3.13.18
v3.13.19
v3.13.2
v3.13.20
v3.13.21
v3.13.22
v3.13.23
v3.13.24
v3.13.25
v3.13.26
v3.13.27
v3.13.28
v3.13.29
v3.13.3
v3.13.30
v3.13.31
v3.13.32
v3.13.33
v3.13.4
v3.13.5
v3.13.6
v3.13.7
v3.13.8
v3.13.9
v3.14.0
v3.14.1
v3.14.2
v3.14.3
v3.14.4
v3.14.5
v3.15.0
v3.15.1
v3.16.0
v3.16.1
v3.17.0
v3.18.0
v3.19.0
v3.19.1
v3.2.6
v3.2.7
v3.3.0
v3.3.1
v3.3.2
v3.3.3
v3.4.0
v3.4.1
v3.4.2
v3.4.3
v3.5.0
v3.5.2
v3.5.3
v3.5.4
v3.5.5
v3.6.0
v3.6.1
v3.6.10
v3.6.11
v3.6.12
v3.6.13
v3.6.14
v3.6.15
v3.6.16
v3.6.17
v3.6.18
v3.6.19
v3.6.2
v3.6.20
v3.6.21
v3.6.23
v3.6.24
v3.6.25
v3.6.26
v3.6.27
v3.6.28
v3.6.3
v3.6.4
v3.6.5
v3.6.6
v3.6.7
v3.6.8
v3.6.9
v3.7.0
v3.7.1
v3.7.2
v3.8.0
v3.8.1
v3.8.2
v3.8.3
v3.8.4
v3.8.5
v3.8.6
v3.8.7
v3.8.8
v3.9.0
v3.9.1
v3.9.2