Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. On Linux systems, when temporary credential caching is enabled, the Snowflake JDBC Driver will cache temporary credentials locally in a world-readable file. This vulnerability affects versions 3.6.8 through 3.21.0. Snowflake fixed the issue in version 3.22.0.
{ "vanir_signatures": [ { "id": "CVE-2025-24790-00c5e748", "digest": { "length": 660.0, "function_hash": "267082815567675153597066335798230767069" }, "signature_version": "v1", "target": { "file": "src/main/java/net/snowflake/client/config/SFConnectionConfigParser.java", "function": "verifyFilePermissionSecure" }, "deprecated": false, "signature_type": "Function", "source": "https://github.com/snowflakedb/snowflake-jdbc/commit/9e1a5acf12406b16c4780ca013f4c4db48b74b59" }, { "id": "CVE-2025-24790-044ecfdd", "digest": { "threshold": 0.9, "line_hashes": [ "302691532558026925272618544863330670925", "37156873300651616045415418797011579834", "39919335420505126997791423690131666916", "136295635263642431219641520822415584960", "209651083868708974916159724919904418379", "170324097534770977279835257293564425200", "228059556132962031126650865930018368140", "8605277774593175385780331616798284958", "152079921340677723667489717399723001151", "318365716242150254505842725733979519639", "313067858501943374081385997354695901822", "141745145489457588045596936164339401028" ] }, "signature_version": "v1", "target": { "file": "src/test/java/net/snowflake/client/config/SFConnectionConfigParserTest.java" }, "deprecated": false, "signature_type": "Line", "source": "https://github.com/snowflakedb/snowflake-jdbc/commit/9e1a5acf12406b16c4780ca013f4c4db48b74b59" }, { "id": "CVE-2025-24790-1679faf4", "digest": { "length": 721.0, "function_hash": "131729814493478956440061382029794945916" }, "signature_version": "v1", "target": { "file": "src/main/java/net/snowflake/client/core/FileCacheManager.java", "function": "writeCacheFile" }, "deprecated": false, "signature_type": "Function", "source": "https://github.com/snowflakedb/snowflake-jdbc/commit/9e1a5acf12406b16c4780ca013f4c4db48b74b59" }, { "id": "CVE-2025-24790-39b846dc", "digest": { "length": 709.0, "function_hash": "142660585759291541509759234407789724271" }, "signature_version": "v1", "target": { "file": "src/main/java/net/snowflake/client/core/FileUtil.java", "function": "logWarnWhenAccessibleByOthers" }, "deprecated": false, "signature_type": "Function", "source": "https://github.com/snowflakedb/snowflake-jdbc/commit/9e1a5acf12406b16c4780ca013f4c4db48b74b59" }, { "id": "CVE-2025-24790-5a58f7d5", "digest": { "length": 219.0, "function_hash": "290338770904075704497209831672309120732" }, "signature_version": "v1", "target": { "file": "src/main/java/net/snowflake/client/core/FileCacheManager.java", "function": "overrideCacheFile" }, "deprecated": false, "signature_type": "Function", "source": "https://github.com/snowflakedb/snowflake-jdbc/commit/9e1a5acf12406b16c4780ca013f4c4db48b74b59" }, { "id": "CVE-2025-24790-6a5fa887", "digest": { "threshold": 0.9, "line_hashes": [ "73976112699917309931024774597581662113", "50253083669481195434184310465864141728", "212861316574144062561645877296073239840", "338558288706611569460987452655670077669", "202032693239603018949216424695678381549", "262767987506304509265961341304433315278", "136647244669198332481596330421708957883" ] }, "signature_version": "v1", "target": { "file": "src/main/java/net/snowflake/client/jdbc/DefaultSFConnectionHandler.java" }, "deprecated": false, "signature_type": "Line", "source": "https://github.com/snowflakedb/snowflake-jdbc/commit/9e1a5acf12406b16c4780ca013f4c4db48b74b59" }, { "id": "CVE-2025-24790-723b6bb5", "digest": { "threshold": 0.9, "line_hashes": [ "160275744117220299633289872200815868098", "154774052860513588879944045346395172190", "314803004312080034675943017265127626404", "193046316580214823827240995869803347658" ] }, "signature_version": "v1", "target": { "file": "src/main/java/net/snowflake/client/core/SFTrustManager.java" }, "deprecated": false, "signature_type": "Line", "source": "https://github.com/snowflakedb/snowflake-jdbc/commit/9e1a5acf12406b16c4780ca013f4c4db48b74b59" }, { "id": "CVE-2025-24790-75f0d216", "digest": { "threshold": 0.9, "line_hashes": [ "148170769118522356603617380247758735159", "273699830177054295324470377824097410863", "136990786752029565412123281119928800457", "194219915264450634480683596438458173928", "135821508598843898475291883742557364537", "31880349997688720464299424989077299117", "190611885261109456187141000329524296825", "261656857895077150138289194618993504486", "94957473675071339139731753001067079321", "289318233121107697521922736279526986906", "5470005389997869726018249215461320654", "233393374196392891228312096290198176194", "211316140328062848817645096468058573872", "272303672371760783440947719030978723560", "205432396789011821195549626017781279413", "123801708958351569194965046271078341324", "149644081579463874755634859197802053845", "253569326511333793337865935474739119225", "89167944138425049134982470657035004939", "70827705021556245195692493498252740979", "329384598757071822198160569591004460850", "277160621214947610365160773467369966610", "37321732977137876264379340183068703612", "318018741537563028802259926607155013161", "15125669873600356254531448516348032364", "115501403245518395874665775842449514394", "54540293140739238554893272370333889726", "272444161175274474008436292137675324902", "261068711572246318574270089488912933737", "242402635519065183449098331362183567872", "61495130561151669890376210600853779272", "105745523444514940728987305974225092973", "291969403964248641857564012916163183745", "161053952839865818247427395412456938612", "29300909228141804996926622583889050061", "160734571449668362412005267324600543760", "257017056929584814843127761636129028810", "221412004059397599569068753783679513416" ] }, "signature_version": "v1", "target": { "file": "src/main/java/net/snowflake/client/core/FileUtil.java" }, "deprecated": false, "signature_type": "Line", "source": "https://github.com/snowflakedb/snowflake-jdbc/commit/9e1a5acf12406b16c4780ca013f4c4db48b74b59" }, { "id": "CVE-2025-24790-8d921725", "digest": { "length": 410.0, "function_hash": "167227644046728930023425478713748159749" }, "signature_version": "v1", "target": { "file": "src/test/java/net/snowflake/client/config/SFConnectionConfigParserTest.java", "function": "createFilePathWithPermission" }, "deprecated": false, "signature_type": "Function", "source": "https://github.com/snowflakedb/snowflake-jdbc/commit/9e1a5acf12406b16c4780ca013f4c4db48b74b59" }, { "id": "CVE-2025-24790-9844aeca", "digest": { "length": 964.0, "function_hash": "180705898589913274785564461658076748777" }, "signature_version": "v1", "target": { "file": "src/main/java/net/snowflake/client/jdbc/DefaultSFConnectionHandler.java", "function": "checkLogFolderPermissions" }, "deprecated": false, "signature_type": "Function", "source": "https://github.com/snowflakedb/snowflake-jdbc/commit/9e1a5acf12406b16c4780ca013f4c4db48b74b59" }, { "id": "CVE-2025-24790-ba60a833", "digest": { "threshold": 0.9, "line_hashes": [ "261114618771202542833759815209208817398", "295776024517750380090261865488681407365", "257747662816328338018145986696675445688", "166474475155067067893083389462416020586", "243390408600036115126058631591102724915", "206410449313186297826327627363862144065", "58792665122832269071536752825058187101", "262946435431897631626240358774788615245", "233864975992381939328533114727171087482", "110460012734885271253036365826850864894", "269026747493347767534323323193240263000", "191626791636638596772698118890748029898", "221718032382993427075487687385703477098", "221772389378500056490502053368346715302", "124478389852456709471744528393208011139", "330222071061825949080771655553341503912", "278563960728621691021964824187608476827", "212675610508077801728594892011564087987", "173067266914152219964128990735180418887", "215142719370603818256343949672901999472", "290607117066965794818762051454276720248", "172305222636049772122321245413983210706", "168504054943658847262704865685339599125", "266411641457010074728420607820561747415", "100501788401443892450173847428334057602", "237160126938176066721366130324485456163", "141337673662501214716514364446165035405", "124958889727213277461897071713154907179", "90406423535905464576370826323472556241", "312141596865184774118440952137945054262", "56739526018124791740654112311333423296", "243880504496352320267902089159341029808", "83361571888290333368704382926701751387", "236932392326522564601606782146069243399", "136136488926046696678134178907326950781", "282270837767529786447436265702665587339", "251958821713471247553280152864555890766", "327982691637241272957807901071343351681", "279170016148946595028990438611591382435", "138062896894553415519042960370064505347", "237154436817476453520630451673094852231", "65097720638614464935191110456545744028", "126546589600767664500560451854782001721" ] }, "signature_version": "v1", "target": { "file": "src/main/java/net/snowflake/client/core/FileCacheManager.java" }, "deprecated": false, "signature_type": "Line", "source": "https://github.com/snowflakedb/snowflake-jdbc/commit/9e1a5acf12406b16c4780ca013f4c4db48b74b59" }, { "id": "CVE-2025-24790-be573004", "digest": { "length": 569.0, "function_hash": "251161856920447475829798045732917156498" }, "signature_version": "v1", "target": { "file": "src/main/java/net/snowflake/client/core/FileCacheManager.java", "function": "readCacheFile" }, "deprecated": false, "signature_type": "Function", "source": "https://github.com/snowflakedb/snowflake-jdbc/commit/9e1a5acf12406b16c4780ca013f4c4db48b74b59" }, { "id": "CVE-2025-24790-ce2d470e", "digest": { "threshold": 0.9, "line_hashes": [ "166696671607065958152846080115958943049", "186389901162011342554886827793010655099" ] }, "signature_version": "v1", "target": { "file": "src/main/java/net/snowflake/client/jdbc/SnowflakeUtil.java" }, "deprecated": false, "signature_type": "Line", "source": "https://github.com/snowflakedb/snowflake-jdbc/commit/9e1a5acf12406b16c4780ca013f4c4db48b74b59" }, { "id": "CVE-2025-24790-d424b9e4", "digest": { "length": 2183.0, "function_hash": "217853009727825249811720847010416829946" }, "signature_version": "v1", "target": { "file": "src/main/java/net/snowflake/client/core/FileCacheManager.java", "function": "build" }, "deprecated": false, "signature_type": "Function", "source": "https://github.com/snowflakedb/snowflake-jdbc/commit/9e1a5acf12406b16c4780ca013f4c4db48b74b59" }, { "id": "CVE-2025-24790-e2d81115", "digest": { "threshold": 0.9, "line_hashes": [ "68818324928285929154007835650658542201", "253106919845028275901201033600923014437", "90511856172833844573783170746350499591", "204721036961541077794142076554067569868", "307426436098706566982667618245368703437", "279075524077064985717012604375706356193", "128917599882841979505171535906117239589", "251394730623089918246929831954276499826", "184399920267816628236028906562638545992", "339239817331712015425448296148625879095" ] }, "signature_version": "v1", "target": { "file": "src/main/java/net/snowflake/client/config/SFConnectionConfigParser.java" }, "deprecated": false, "signature_type": "Line", "source": "https://github.com/snowflakedb/snowflake-jdbc/commit/9e1a5acf12406b16c4780ca013f4c4db48b74b59" }, { "id": "CVE-2025-24790-e9d84e3b", "digest": { "length": 175.0, "function_hash": "133055186425075045542814483990513916369" }, "signature_version": "v1", "target": { "file": "src/main/java/net/snowflake/client/core/FileUtil.java", "function": "logFileUsage" }, "deprecated": false, "signature_type": "Function", "source": "https://github.com/snowflakedb/snowflake-jdbc/commit/9e1a5acf12406b16c4780ca013f4c4db48b74b59" } ] }