CVE-2025-46330
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-46330
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-46330.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-46330
- Aliases
-
- GHSA-ch37-53v3-m4cm
- Published
- 2025-04-29T05:15:46Z
- Modified
- 2025-05-17T14:29:17.661940Z
- Severity
-
- 3.3 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
- Summary
- [none]
- Details
-
libsnowflakeclient is the Snowflake Connector for C/C++. Versions starting from 0.5.0 to before 2.2.0, incorrectly treat malformed requests that caused the HTTP response status code 400, as able to be retried. This could hang the application until SFCONMAX_RETRY requests were sent. This issue has been patched in version 2.2.0.
- References
Affected packages
Git / github.com/snowflakedb/libsnowflakeclient
Affected versions
0.*
0.5.0
0.5.1
0.5.3
0.5.5
v0.*
v0.5.10
v0.5.11
v0.5.12
v0.5.13
v0.5.6
v0.5.7
v0.5.8
v0.5.9
v0.6.1
v0.6.10
v0.6.11
v0.6.12
v0.6.13
v0.6.14
v0.6.15
v0.6.16
v0.6.17
v0.6.18
v0.6.19
v0.6.2
v0.6.20
v0.6.3
v0.6.4
v0.6.5
v0.6.6
v0.6.7
v0.6.9
v0.68
v1.*
v1.0.0
v1.0.1
v1.0.10
v1.0.11
v1.0.12
v1.0.13
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.0.6
v1.0.7
v1.0.8
v1.0.9
v1.03
v1.1.0
v1.1.1
v2.*
v2.0.0
v2.1.0