Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-46614

In Snowflake ODBC Driver before 3.7.0, in certain code paths, the Driver logged the whole SQL query at the INFO level, aka Insertion of Sensitive Information into a Log File.

Published

2025-04-28T16:15:35.083

Last Modified

2025-04-29T13:52:10.697

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 3.3 (LOW)

Weaknesses

Type: Secondary
CWE-532

Affected Vendors & Products

References

https://community.snowflake.com/s/article/Snowflake-Connector-for-ODBC-Security-Advisory-CVE-2025-46614 ([email protected])