CVE ID
- CVE-2025-24790 - On Linux, when temporary credential caching is enabled, the JDBC Driver caches credentials in a world-readable file.
CWE ID
- CWE-276 (Incorrect Default Permissions)
CPEs
- cpe:2.3:a:snowflake:snowflake_jdbc:*:*:*:*:*:*:*:* (versions >= 3.6.8, < 3.22.0)
Affected versions
- 3.6.8 through 3.21.0
Patched versions:
- 3.22.0
Description
- Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. On Linux systems, when temporary credential caching is enabled, the Snowflake JDBC Driver will cache temporary credentials locally in a world-readable file. This vulnerability affects versions 3.6.8 through 3.21.0. Snowflake fixed the issue in version 3.22.0.
Resolution
- Upgrade to Snowflake JDBC Driver version 3.22.0 or later.
