CVE-2024-43382: Snowflake JDBC Security Advisory

October 30, 2024 (updated October 31, 2024)

Snowflake identified an incorrect security setting in Snowflake JDBC drivers. Snowflake has evaluated the severity of the issue and determined it was in medium range with a maximum CVSSv3 base score of 5.9.

References

github.com/advisories/GHSA-f686-hw9c-xw9c
github.com/snowflakedb/snowflake-jdbc
github.com/snowflakedb/snowflake-jdbc/security/advisories/GHSA-f686-hw9c-xw9c
nvd.nist.gov/vuln/detail/CVE-2024-43382

Detect and mitigate CVE-2024-43382 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →