Vulnerability Database

309,540

Total vulnerabilities in the database

CVE-2025-46330

libsnowflakeclient is the Snowflake Connector for C/C++. Versions starting from 0.5.0 to before 2.2.0, incorrectly treat malformed requests that caused the HTTP response status code 400, as able to be retried. This could hang the application until SF_CON_MAX_RETRY requests were sent. This issue has been patched in version 2.2.0.

Published: Apr 29, 2025
Updated: Nov 16, 2025
CVE: CVE-2025-46330
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 3.3
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CWEs:

CWE-573

Affected Software
References

Software	From	Fixed in
snowflake / connector_for_c/c++	0.5.0	2.2.0

https://github.com/snowflakedb/libsnowflakeclient/pull/882/commits/8120a057e041722e114ed2c5dbed3b5a649f72e2
https://github.com/snowflakedb/libsnowflakeclient/security/advisories/GHSA-ch37-53v3-m4cm

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo