CVE-2025-24789
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-24789
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-24789.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-24789
- Aliases
- Related
- Published
- 2025-01-29T18:15:47Z
- Modified
- 2025-01-30T01:58:23.363166Z
- Summary
- [none]
- Details
-
Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. When the EXTERNALBROWSER authentication method is used on Windows, an attacker with write access to a directory in the %PATH% can escalate their privileges to the user that runs the vulnerable JDBC Driver version. This vulnerability affects versions 3.2.3 through 3.21.0 on Windows. Snowflake fixed the issue in version 3.22.0.
- References
Affected packages
Git / github.com/snowflakedb/snowflake-jdbc
Affected ranges
- Type
- GIT
- Repo
- https://github.com/snowflakedb/snowflake-jdbc
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
3.*
3.13.21
3.13.22
v3.*
v3.0.13
v3.0.14
v3.0.15
v3.0.16
v3.0.17
v3.0.18
v3.0.19
v3.0.20
v3.0.21
v3.1.0
v3.1.1
v3.10.0
v3.10.1
v3.10.2
v3.10.3
v3.11.0
v3.11.1
v3.12.0
v3.12.1
v3.12.11
v3.12.12
v3.12.14
v3.12.16
v3.12.2
v3.12.3
v3.12.4
v3.12.5
v3.12.6
v3.12.7
v3.12.9
v3.13.0
v3.13.1
v3.13.10
v3.13.12
v3.13.13
v3.13.14
v3.13.15
v3.13.16
v3.13.17
v3.13.18
v3.13.19
v3.13.2
v3.13.20
v3.13.21
v3.13.22
v3.13.23
v3.13.24
v3.13.25
v3.13.26
v3.13.27
v3.13.28
v3.13.29
v3.13.3
v3.13.30
v3.13.31
v3.13.32
v3.13.33
v3.13.4
v3.13.5
v3.13.6
v3.13.7
v3.13.8
v3.13.9
v3.14.0
v3.14.1
v3.14.2
v3.14.3
v3.14.4
v3.14.5
v3.15.0
v3.15.1
v3.16.0
v3.16.1
v3.17.0
v3.18.0
v3.19.0
v3.19.1
v3.2.0
v3.2.1
v3.2.2
v3.2.3
v3.2.4
v3.2.5
v3.2.6
v3.2.7
v3.20.0
v3.21.0
v3.3.0
v3.3.1
v3.3.2
v3.3.3
v3.4.0
v3.4.1
v3.4.2
v3.4.3
v3.5.0
v3.5.2
v3.5.3
v3.5.4
v3.5.5
v3.6.0
v3.6.1
v3.6.10
v3.6.11
v3.6.12
v3.6.13
v3.6.14
v3.6.15
v3.6.16
v3.6.17
v3.6.18
v3.6.19
v3.6.2
v3.6.20
v3.6.21
v3.6.23
v3.6.24
v3.6.25
v3.6.26
v3.6.27
v3.6.28
v3.6.3
v3.6.4
v3.6.5
v3.6.6
v3.6.7
v3.6.8
v3.6.9
v3.7.0
v3.7.1
v3.7.2
v3.8.0
v3.8.1
v3.8.2
v3.8.3
v3.8.4
v3.8.5
v3.8.6
v3.8.7
v3.8.8
v3.9.0
v3.9.1
v3.9.2