PT-2025-18134 · Unknown · Libsnowflakeclient

Published 2025-04-29 · Updated 2025-05-09 · CVE-2025-46330

CVSS v3.1: 3.3 (Low)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions: libsnowflakeclient versions 0.5.0 through 2.2.0

Description: The Snowflake Connector for C/C++ incorrectly treats malformed requests that result in an HTTP 400 response status code as retryable. This could hang the application until SF_CON_MAX_RETRY requests were sent. The problem has been patched in version 2.2.0.

Recommendations: For versions 0.5.0 through 2.2.0, update to version 2.2.0 to resolve the issue. As a temporary workaround, consider restricting the number of retries for malformed requests to prevent the application from hanging.
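The retry behaviour described above, as an added example that is not code from libsnowflakeclient: a simulated retry loop run once with a policy that retries an HTTP 400 and once with a policy that treats it as terminal. The cap of 7, the 16-second backoff ceiling, the set of retryable status codes and all function names are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical values; EXAMPLE_MAX_RETRY stands in for the connector's retry cap. */
#define EXAMPLE_MAX_RETRY 7
#define BACKOFF_CAP_SEC 16

typedef bool (*retry_policy)(int http_status);
typedef struct { int attempts; int waited_sec; int last_status; } outcome;

/* Flawed policy: any non-200 reply is retried, including 400 for a malformed request. */
bool retry_all_failures(int status) { return status != 200; }

/* Corrected policy (assumed set): only transient conditions are retried. */
bool retry_transient_only(int status) {
    return status == 408 || status == 429 || (status >= 500 && status <= 599);
}

/* Constructed stub server: attempt i receives statuses[i]; the last entry repeats.
 * Waiting is simulated by summing the backoff instead of sleeping. */
outcome send_with_retry(const int *statuses, size_t n, retry_policy should_retry) {
    outcome o = {0, 0, 0};
    int backoff = 1;
    if (n == 0) return o;
    for (;;) {
        size_t i = (size_t)o.attempts < n ? (size_t)o.attempts : n - 1;
        o.last_status = statuses[i];
        o.attempts++;
        if (o.last_status == 200 || !should_retry(o.last_status)) break;
        if (o.attempts > EXAMPLE_MAX_RETRY) break; /* first try plus the capped retries */
        o.waited_sec += backoff;
        if (backoff < BACKOFF_CAP_SEC) backoff *= 2;
    }
    return o;
}

int main(void) {
    const int malformed[] = {400}; /* constructed: the request is rejected every time */
    outcome bad = send_with_retry(malformed, 1, retry_all_failures);
    outcome good = send_with_retry(malformed, 1, retry_transient_only);
    printf("flawed:    %d attempts, %d s waiting\n", bad.attempts, bad.waited_sec);
    printf("corrected: %d attempts, %d s waiting\n", good.attempts, good.waited_sec);
    return 0;
}
```

With the flawed policy the caller is blocked for the whole backoff schedule even though the request can never succeed; the corrected policy returns the 400 to the caller after a single attempt.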

Exploit

Fix

DoS

Weakness Enumeration

Related Identifiers

CVE-2025-46330
GHSA-CH37-53V3-M4CM

Affected Products

Libsnowflakeclient