Workflow

Snowflake-connector-python

Latest version: v3.13.2

Safety actively analyzes 710644 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 19

3.13.2

- v3.13.2(January 29, 2025)
- Changed not to use scoped temporary objects.

3.13.1

- v3.13.1(January 29, 2025)
- Remedied SQL injection vulnerability in snowflake.connector.pandas_tools.write_pandas. See more https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv
- Remedied vulnerability in deserialization of the OCSP response cache. See more: https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx
- Remedied vulnerability connected to cache files permissions. See more: https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43

3.13.0

- v3.13.0(January 23,2025)
- Added a feature to limit the sizes of IO-bound ThreadPoolExecutors during PUT and GET commands.
- Updated README.md to include instructions on how to verify package signatures using `cosign`.
- Updated the log level for cursor's chunk rowcount from INFO to DEBUG.
- Added a feature to verify if the connection is still good enough to send queries over.
- Added support for base64-encoded DER private key strings in the `private_key` authentication type.

3.12.4

- v3.12.4(December 3,2024)
- Fixed a bug where multipart uploads to Azure would be missing their MD5 hashes.
- Fixed a bug where OpenTelemetry header injection would sometimes cause Exceptions to be thrown.
- Fixed a bug where OCSP checks would throw TypeError and make mainly GCP blob storage unreachable.
- Bumped pyOpenSSL dependency from >=16.2.0,<25.0.0 to >=22.0.0,<25.0.0.

3.12.3

- v3.12.3(October 25,2024)
- Improved the error message for SSL-related issues to provide clearer guidance when an SSL error occurs.
- Improved error message for SQL execution cancellations caused by timeout.

3.12.2

Not secure
- v3.12.2(September 11,2024)
- Improved error handling for asynchronous queries, providing more detailed and informative error messages when an async query fails.
- Improved inference of top-level domains for accounts specifying a region in China, now defaulting to snowflakecomputing.cn.
- Improved implementation of the `snowflake.connector.util_text.random_string` to reduce the likelihood of collisions.
- Updated the log level for OCSP fail-open warning messages from ERROR to WARNING.

Page 1 of 19

Links

Releases

Has known vulnerabilities

Next

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.