Description

Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. On Linux systems, when temporary credential caching is enabled, the Snowflake JDBC Driver will cache temporary credentials locally in a world-readable file. This vulnerability affects versions 3.6.8 through 3.21.0. Snowflake fixed the issue in version 3.22.0.

INFO

Published Date :

2025-01-29T17:49:19.771Z

Last Modified :

2025-02-12T19:51:13.788Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-24790 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-24790.

URL Resource
https://github.com/snowflakedb/snowflake-jdbc/commit/9e1a5acf12406b16c4780ca013f4c4db48b74b59 cve-icon cve-icon
https://github.com/snowflakedb/snowflake-jdbc/security/advisories/GHSA-33g6-495w-v8j2 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact