cvedb.io
CVE-2025-24794
MEDIUM · CVSS 6.7
EPSS exploitation probability: 0%
Published 2025-01-29T21:15:21.397 · Last modified 2026-06-17T08:59:37.300

Summary

The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. The OCSP response cache uses pickle as the serialization format, potentially leading to local privilege escalation. This vulnerability affects versions 2.7.12 through 3.13.0. Snowflake fixed the issue in version 3.13.1.

Affected products

snowflake — snowflake_connector

Does this affect you?

Add your gear to cvedb and we'll alert you only when snowflake ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.