{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-17T00:47:32.406","vulnerabilities":[{"cve":{"id":"CVE-2025-46329","sourceIdentifier":"security-advisories@github.com","published":"2025-04-29T05:15:46.650","lastModified":"2025-05-09T19:37:56.527","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"libsnowflakeclient is the Snowflake Connector for C/C++. Versions starting from 0.5.0 to before 2.2.0, are vulnerable to local logging of sensitive information. When the logging level was set to DEBUG, the Connector would log locally the client-side encryption master key of the target stage during the execution of GET/PUT commands. This key by itself does not grant access to any sensitive data without additional access authorizations, and is not logged server-side by Snowflake. This issue has been patched in version 2.2.0."},{"lang":"es","value":"libsnowflakeclient es el conector de Snowflake para C/C++. Las versiones desde la 0.5.0 hasta la 2.2.0 anteriores son vulnerables al registro local de información confidencial. Cuando el nivel de registro se establecía en DEBUG, el conector registraba localmente la clave maestra de cifrado del lado del cliente de la etapa de destino durante la ejecución de comandos GET/PUT. Esta clave, por sí sola, no otorga acceso a datos confidenciales sin autorizaciones de acceso adicionales y Snowflake no la registra en el servidor. Este problema se ha corregido en la versión 2.2.0."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":1.4}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-532"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:snowflake:connector_for_c\\/c\\+\\+:*:*:*:*:*:*:*:*","versionStartIncluding":"0.5.0","versionEndExcluding":"2.2.0","matchCriteriaId":"F0A1F10B-37C7-47D5-AB9E-A657E899CED4"}]}]}],"references":[{"url":"https://github.com/snowflakedb/libsnowflakeclient/commit/3caa8a6a3ee95e0a66ead03b4bf6a2d1ca42ebfe","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/snowflakedb/libsnowflakeclient/security/advisories/GHSA-jx4f-645p-wjpx","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}