Sfc-Gh-Fochnik

#40488 of 53,633
6.7 Total CVSS
Vulnerabilities · 1
PT-2025-5575
6.7
2025-01-29
Snowflake · Snowflake Connector For Python · CVE-2025-24794
**Name of the Vulnerable Software and Affected Versions**
Snowflake Connector for Python versions 2.7.12 through 3.13.0

**Description**
The OCSP response cache in the Snowflake Connector for Python uses `pickle` as the serialization format, potentially leading to local privilege escalation. This issue can be exploited if an attacker has write access to the OCSP response cache file. The vulnerability was discovered and remediated by Snowflake.

**Recommendations**
For versions 2.7.12 through 3.13.0, upgrade to version 3.13.1 to fix the issue. As a temporary workaround, consider restricting access to the OCSP response cache file to minimize the risk of exploitation.