Vulnerability Details CVE-2022-42965
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the undocumented get_file_transfer_type method
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 24.3%
CVSS Severity
CVSS v3 Score 3.7
References
Products affected by CVE-2022-42965
-
cpe:2.3:a:snowflake:snowflake-connector-python:-