CVE-2025-50213

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) vulnerability in Apache Airflow Providers Snowflake. This issue affects Apache Airflow Providers Snowflake: before 6.4.0. Sanitation of table and stage parameters were added in CopyFromExternalStageToSnowflakeOperator to prevent SQL injection Users are recommended to upgrade to version 6.4.0, which fixes the issue.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/apache/airflow/pull/51734	Issue Tracking Patch
https://lists.apache.org/thread/2kqfmyt2pghg5f6797g8hzvq331v8qx3	Mailing List Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:apache:apache-airflow-providers-snowflake:*:*:*:*:*:*:*:*

History

11 Jul 2025, 18:36

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-24 08:15

Updated : 2025-07-11 18:36

NVD link : CVE-2025-50213

Mitre link : CVE-2025-50213

CVE.ORG link : CVE-2025-50213

JSON object : View

Products Affected

apache

apache-airflow-providers-snowflake

CWE

CWE-75

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)

{"id": "CVE-2025-50213", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2025-06-24T08:15:24.253", "references": [{"url": "https://github.com/apache/airflow/pull/51734", "tags": ["Issue Tracking", "Patch"], "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread/2kqfmyt2pghg5f6797g8hzvq331v8qx3", "tags": ["Mailing List", "Vendor Advisory"], "source": "security@apache.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security@apache.org", "description": [{"lang": "en", "value": "CWE-75"}]}], "descriptions": [{"lang": "en", "value": "Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) vulnerability in Apache Airflow Providers Snowflake.\n\nThis issue affects Apache Airflow Providers Snowflake: before 6.4.0.\n\nSanitation of table and stage parameters were added in\u00a0CopyFromExternalStageToSnowflakeOperator\u00a0to prevent\u00a0SQL injection\nUsers are recommended to upgrade to version 6.4.0, which fixes the issue."}, {"lang": "es", "value": "Vulnerabilidad por fallo en la depuraci\u00f3n de elementos especiales en un plano diferente (inyecci\u00f3n de elementos especiales) en Apache Airflow Providers Snowflake. Este problema afecta a Apache Airflow Providers Snowflake: versiones anteriores a la 6.4.0. Se a\u00f1adi\u00f3 la depuraci\u00f3n de los par\u00e1metros de tabla y etapa en CopyFromExternalStageToSnowflakeOperator para evitar la inyecci\u00f3n de SQL. Se recomienda a los usuarios actualizar a la versi\u00f3n 6.4.0, que soluciona el problema."}], "lastModified": "2025-07-11T18:36:05.753", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:apache-airflow-providers-snowflake:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB551B24-0E93-4F5F-B201-B96E875D49B4", "versionEndExcluding": "6.4.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@apache.org"}