CVE-2025-24791
CVE-2025-24791
Título es
CVE-2025-24791
Mié, 29/01/2025 – 17:15
Tipo
CWE-281
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2025-24791
Descripción en
snowflake-connector-nodejs is a NodeJS driver for Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake NodeJS Driver. File permissions checks of the temporary credential cache could be bypassed by an attacker with write access to the local cache directory. This vulnerability affects versions 1.12.0 through 2.0.1 on Linux. Snowflake fixed the issue in version 2.0.2.
29/01/2025
29/01/2025
Vector CVSS:3.1
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Gravedad 3.1 (CVSS 3.1 Base Score)
4.40
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM
Referencias
Enviar en el boletín
Off
