Home > Vulnerability Database > CVE-2025-46330

Mend.io Vulnerability Database

CVE-2025-46330

Good to know:

Date: April 28, 2025

libsnowflakeclient is the Snowflake Connector for C/C++. Versions starting from 0.5.0 to before 2.2.0, incorrectly treat malformed requests that caused the HTTP response status code 400, as able to be retried. This could hang the application until SF_CON_MAX_RETRY requests were sent. This issue has been patched in version 2.2.0.

Severity Score

3.3

Related Resources (4)

Url: https://github.com/snowflakedb/libsnowflakeclient/security/advisories/GHSA-ch37-53v3-m4cm

Url: https://github.com/snowflakedb/libsnowflakeclient/pull/882/commits/8120a057e041722e114ed2c5dbed3b5a649f72e2

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-46330

Url: https://www.mend.io/vulnerability-database/CVE-2025-46330

Severity Score

3.3

Weakness Type (CWE)

Improper Following of Specification by Caller

CWE-573

Top Fix

Upgrade Version

Upgrade to version https://github.com/snowflakedb/libsnowflakeclient.git - v2.2.0

Learn More

CVSS v3.1

Base Score:	3.3
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2025-46330

Good to know:

Date: April 28, 2025

Severity Score

Related Resources (4)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?