How severe is CVE-2025-24793?

This vulnerability has a severity rating of HIGH with a CVSS score of 7 out of 10.

What type of vulnerability is CVE-2025-24793?

This is classified as CWE-89, which is a common weakness in software security.

CVE-2025-24793 - HIGH Severity | CVSS 7

Vulnerability Description

The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. A function from the snowflake.connector.pandas_tools module is vulnerable to SQL injection. This vulnerability affects versions 2.2.5 through 3.13.0. Snowflake fixed the issue in version 3.13.1.

Related Vulnerabilities

CVE-2023-25839

HIGH

CVSS:7.0(High)

There is SQL injection vulnerability in Esri ArcGIS Insights Desktop for Mac and Windows version 2022.1 that may allow a local, authorized attacker to execute arbitrary SQL commands against the back-e...

CWE-892023

CVE-2016-1393

HIGH

CVSS:7.1(High)

SQL injection vulnerability in Cisco Cloud Network Automation Provisioner (CNAP) 1.0 and 1.1 allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuy7217...

CWE-892016

CVE-2016-9992

HIGH

CVSS:7.1(High)

IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or d...

CWE-892016

CVE-2016-9993

HIGH

CVSS:7.1(High)

CWE-892016

CVE-2016-9994

HIGH

CVSS:7.1(High)

CWE-892016

CVE-2020-14349

HIGH

CVSS:7.1(High)

It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in a...

CWE-892020