PT-2025-26707 · Apache · Apache Airflow Providers Snowflake
Nhien Pham +1 · Published 2025-06-24 · Updated 2026-06-03 · CVE-2025-50213
CVSS v2.0: 10 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions:
Apache Airflow Providers Snowflake versions prior to 6.4.0
Description:
The issue is a Failure to Sanitize Special Elements into a Different Plane, also known as a Special Element Injection vulnerability. It affects the CopyFromExternalStageToSnowflakeOperator; sanitization of its table and stage parameters was added to prevent SQL injection.
Recommendations:
For versions prior to 6.4.0, upgrade to version 6.4.0, which fixes the issue. As a temporary workaround, consider adding sanitization to the table and stage parameters in the CopyFromExternalStageToSnowflakeOperator to prevent SQL injection.
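One way to apply the temporary workaround in DAG code, shown as an added example (not code from this advisory or from the Apache Airflow project): an allow-list check that accepts only plain, optionally qualified identifiers before the values are passed as the operator's table and stage arguments. The helper names `validate_identifier`, `checked_copy_args` and `classify` are hypothetical, and the pattern is deliberately stricter than Snowflake's own rules (quoted identifiers are rejected).

```python
import re

# One unquoted identifier part: letter or underscore, then letters, digits, _ or $.
_PART = r"[A-Za-z_][A-Za-z0-9_$]*"
# Up to three dot-separated parts: [database.][schema.]object
_QUALIFIED_NAME = re.compile(rf"{_PART}(?:\.{_PART}){{0,2}}")


def validate_identifier(value: str, field: str) -> str:
    """Return value unchanged if it is a plain (optionally qualified) identifier."""
    if not isinstance(value, str) or not _QUALIFIED_NAME.fullmatch(value):
        raise ValueError(f"{field} is not a plain Snowflake identifier: {value!r}")
    return value


def checked_copy_args(table: str, stage: str) -> dict:
    """Validate both parameters before they are handed to the operator."""
    return {
        "table": validate_identifier(table, "table"),
        "stage": validate_identifier(stage, "stage"),
    }


def classify(samples):
    """Run the check over (table, stage) pairs; return (accepted, rejected)."""
    accepted, rejected = [], []
    for table, stage in samples:
        try:
            checked_copy_args(table, stage)
            accepted.append((table, stage))
        except ValueError:
            rejected.append((table, stage))
    return accepted, rejected


# Constructed sample inputs, not taken from the advisory.
SAMPLES = [
    ("analytics.public.events", "raw_stage"),
    ("events", "mydb.landing.s3_stage"),
    ("events; DROP TABLE users", "raw_stage"),   # statement separator
    ("events", "raw_stage FILES=('x')"),         # extra clause smuggled in
    ('"Mixed Case"', "raw_stage"),               # quoted: rejected by design
]

if __name__ == "__main__":
    ok, bad = classify(SAMPLES)
    print("accepted:", ok)
    print("rejected:", bad)
```

Values that come from DAG parameters, Variables or templated fields should pass through this check at the point where they are rendered, not only where they are defined.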
Affected Products
Apache Airflow Providers Snowflake