Snowflake identified a vulnerability within the NodeJS driver, specifically regarding improper permissions checks of the temporary credential cache. Attackers with write access to the local cache directory could exploit this flaw, impacting versions 1.12.0 through 2.0.1 on Linux systems. To address this issue, Snowflake released an updated version—2.0.2—to secure the driver against potential breaches. This incident underscores the importance of strict permissions management to safeguard sensitive data.
Snowflake discovered and remediated a vulnerability in the Snowflake NodeJS Driver, which allowed attackers to bypass permission checks on local credential caches.
The vulnerability affects Snowflake NodeJS Driver versions 1.12.0 through 2.0.1 on Linux, prompting a fix in version 2.0.2 to enhance local cache security.
Collection
[
|
...
]