漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
The Snowflake Connector for Python uses insecure cache files permissions
Vulnerability Description
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. On Linux systems, when temporary credential caching is enabled, the Snowflake Connector for Python will cache temporary credentials locally in a world-readable file. This vulnerability affects versions 2.3.7 through 3.13.0. Snowflake fixed the issue in version 3.13.1.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Vulnerability Type
缺省权限不正确
Vulnerability Title
Snowflake Connector for Python 安全漏洞
Vulnerability Description
Snowflake Connector for Python是Snowflake Computing开源的一个接口。用于开发可以连接到 Snowflake 并执行所有标准操作的 Python 应用程序。 Snowflake Connector for Python 3.13.1之前版本存在安全漏洞,该漏洞源于当启用临时凭据缓存时,将在本地将临时凭据缓存在一个全球可读的文件中。
CVSS Information
N/A
Vulnerability Type
N/A