VDB
KO
MEDIUM 5.9

PYSEC-2026-922

snowflake-connector-python is vulnerable to Regular Expression Denial of Service (ReDoS)

Details

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the get_file_transfer_type method.

Are you affected?

Enter the version of the package you're using.

Affected packages

PyPI / snowflake-connector-python
Introduced in: 0 Fixed in: 2.8.2
Fix pip install --upgrade 'snowflake-connector-python>=2.8.2'

References