
We found results for “”
CVE-2025-50213
Good to know:

Date: June 24, 2025
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) vulnerability in Apache Airflow Providers Snowflake. This issue affects Apache Airflow Providers Snowflake: before 6.4.0. Sanitation of table and stage parameters were added in CopyFromExternalStageToSnowflakeOperator to prevent SQL injection Users are recommended to upgrade to version 6.4.0, which fixes the issue.
Severity Score
Related Resources (7)
Severity Score
Weakness Type (CWE)
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)
CWE-75Top Fix

Upgrade Version
Upgrade to version apache-airflow-providers-snowflake - 6.4.0;apache-airflow-providers-snowflake - 6.4.0;https://github.com/apache/airflow.git - providers-snowflake/6.4.0
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | HIGH |
Availability (A): | HIGH |