{"id":"PYSEC-2025-28","details":"The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. On Linux systems, when temporary credential caching is enabled, the Snowflake Connector for Python writes the cached temporary credentials to a local file that is world-readable, so other local users on the same host may be able to read them. This vulnerability affects versions 2.3.7 through 3.13.0. Snowflake fixed the issue in version 3.13.1.","aliases":["CVE-2025-24795","GHSA-r2x6-cjg7-8r43"],"modified":"2025-04-09T17:59:12.570886Z","published":"2025-01-29T21:15:21Z","references":[{"type":"ADVISORY","url":"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43"},{"type":"FIX","url":"https://github.com/snowflakedb/snowflake-connector-python/commit/3769b43822357c3874c40f5e74068458c2dc79af"}],"affected":[{"package":{"name":"snowflake-connector-python","ecosystem":"PyPI","purl":"pkg:pypi/snowflake-connector-python"},"ranges":[{"type":"GIT","repo":"https://github.com/snowflakedb/snowflake-connector-python","events":[{"introduced":"0"},{"fixed":"3769b43822357c3874c40f5e74068458c2dc79af"}]},{"type":"ECOSYSTEM","events":[{"introduced":"2.3.7"},{"fixed":"3.13.1"}]}],"versions":["2.3.10","2.3.7","2.3.8","2.3.9","2.4.0","2.4.1","2.4.2","2.4.3","2.4.4","2.4.5","2.4.6","2.5.0","2.5.1","2.6.0","2.6.1","2.6.2","2.7.0","2.7.1","2.7.10","2.7.11","2.7.12","2.7.2","2.7.3","2.7.4","2.7.5","2.7.6","2.7.7","2.7.8","2.7.9","2.8.0","2.8.1","2.8.2","2.8.3","2.9.0","3.0.0","3.0.1","3.0.2","3.0.3","3.0.4","3.1.0","3.1.0a1","3.1.0a2","3.1.1","3.10.0","3.10.1","3.11.0","3.12.0","3.12.1","3.12.2","3.12.3","3.12.4","3.13.0","3.2.0","3.2.1","3.3.0","3.3.0b1","3.3.1","3.4.0","3.4.1","3.5.0","3.6.0","3.7.0","3.7.1","3.8.0","3.8.1","3.9.0","3.9.1"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/snowflake-connector-python/PYSEC-2025-28.yaml"}}],"schema_version":"1.7.3"}