CVE-2022-42965

Inefficient Regular Expression Complexity in pypi/snowflake-connector-python

Identifiers

CVE-2022-42965

Package Slug

pypi/snowflake-connector-python

Vulnerability

Inefficient Regular Expression Complexity

Description

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the get_file_transfer_type method

Affected Versions

All versions

Solution

Unfortunately, there is no solution available yet.

Last Modified

2022-11-13

source