{"id":"CVE-2025-24789","summary":"Snowflake JDBC allows an untrusted search path on Windows","details":"Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java programs to connect to Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. When the EXTERNALBROWSER authentication method is used on Windows, an attacker with write access to a directory in the %PATH% can escalate their privileges to those of the user that runs the vulnerable JDBC Driver version. This vulnerability affects versions 3.2.3 through 3.21.0 on Windows. Snowflake fixed the issue in version 3.22.0.","aliases":["GHSA-7hpq-3g6w-pvhf"],"modified":"2026-04-12T14:04:25.786302Z","published":"2025-01-29T17:46:20.985Z","related":["CGA-9mx8-p2j2-33wj"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/24xxx/CVE-2025-24789.json","cna_assigner":"GitHub_M","cwe_ids":["CWE-426"]},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/24xxx/CVE-2025-24789.json"},{"type":"ADVISORY","url":"https://github.com/snowflakedb/snowflake-jdbc/security/advisories/GHSA-7hpq-3g6w-pvhf"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24789"},{"type":"FIX","url":"https://github.com/snowflakedb/snowflake-jdbc/commit/4f01bb8f9b708c71e7a2111c87371dbfc1d53dd6"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/snowflakedb/snowflake-jdbc","events":[{"introduced":"fa0610409db0fe3651993fa80c184478e1e8a6a7"},{"fixed":"ebb315c4a01b18e571cff086d67aff33def10400"}]}],"versions":["3.13.21","3.13.22","v3.10.0","v3.10.1","v3.10.2","v3.10.3","v3.11.0","v3.11.1","v3.12.0","v3.12.1","v3.12.11","v3.12.12","v3.12.14","v3.12.16","v3.12.2","v3.12.3","v3.12.4","v3.12.5","v3.12.6","v3.12.7","v3.12.9","v3.13.0","v3.13.1","v3.13.10","v3.13.12","v3.13.13","v3.13.14","v3.13.15","v3.13.16","v3.13.17","v3.13.18","v3.13.19","v3.13.2","v3.13.20","v3.13.21","v3.
13.22","v3.13.23","v3.13.24","v3.13.25","v3.13.26","v3.13.27","v3.13.28","v3.13.29","v3.13.3","v3.13.30","v3.13.31","v3.13.32","v3.13.33","v3.13.4","v3.13.5","v3.13.6","v3.13.7","v3.13.8","v3.13.9","v3.14.0","v3.14.1","v3.14.2","v3.14.3","v3.14.4","v3.14.5","v3.15.0","v3.15.1","v3.16.0","v3.16.1","v3.17.0","v3.18.0","v3.19.0","v3.19.1","v3.2.3","v3.2.4","v3.2.5","v3.2.6","v3.2.7","v3.20.0","v3.21.0","v3.3.0","v3.3.1","v3.3.2","v3.3.3","v3.4.0","v3.4.1","v3.4.2","v3.4.3","v3.5.0","v3.5.2","v3.5.3","v3.5.4","v3.5.5","v3.6.0","v3.6.1","v3.6.10","v3.6.11","v3.6.13","v3.6.14","v3.6.15","v3.6.17","v3.6.18","v3.6.19","v3.6.2","v3.6.20","v3.6.21","v3.6.23","v3.6.24","v3.6.25","v3.6.26","v3.6.27","v3.6.28","v3.6.3","v3.6.4","v3.6.5","v3.6.6","v3.6.8","v3.6.9","v3.7.0","v3.7.1","v3.7.2","v3.8.0","v3.8.1","v3.8.2","v3.8.3","v3.8.4","v3.8.5","v3.8.6","v3.8.7","v3.8.8","v3.9.0","v3.9.1","v3.9.2"],"database_specific":{"vanir_signatures":[{"digest":{"line_hashes":["163462292315131043009619918423020661552","172755071904979632887942217402952396872","324038985784841644452231720853664589211","186511955661388583231338465135382544632"],"threshold":0.9},"target":{"file":"src/main/java/net/snowflake/client/jdbc/SnowflakeDriver.java"},"deprecated":false,"source":"https://github.com/snowflakedb/snowflake-jdbc/commit/ebb315c4a01b18e571cff086d67aff33def10400","signature_version":"v1","id":"CVE-2025-24789-e1762ab4","signature_type":"Line"}],"vanir_signatures_modified":"2026-04-12T14:04:25Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-24789.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}