CVE-2025-50213 | Apache Airflow Providers Snowflake up to 6.3.x CopyFromExternalStageToSnowflakeOperator sql injection

Inserito da Angelo Barbosa | Giu 24, 2025 | CVE

A vulnerability classified as critical was found in Apache Airflow Providers Snowflake up to 6.3.x. This vulnerability affects the function CopyFromExternalStageToSnowflakeOperator. The manipulation leads to sql injection.

This vulnerability was named CVE-2025-50213. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-50213 | Apache Airflow Providers Snowflake up to 6.3.x CopyFromExternalStageToSnowflakeOperator sql injection

Post correlati

CVE-2024-0589 | Devolutions Remote Desktop Manager up to 2023.3.36 on Windows Entry cross site scripting (DEVO-2024-0001)

CVE-2024-51994 | Combodo iTop up to 3.1.x Text File Upload cross site scripting (GHSA-jjph-c25g-5c7g)

CVE-2024-33101 | ThinkSAAS 3.7.0 /action/anti.php word cross site scripting (Issue 34)

CVE-2022-2232 | Keycloak prior 23.0.1 Login UsernameForm ldap injection