CVE-2025-50213 Information
Jun 26, 2025
cve
Description
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) vulnerability in Apache Airflow Providers Snowflake.
This issue affects Apache Airflow Providers Snowflake: before 6.4.0.
Sanitation of table and stage parameters were added in CopyFromExternalStageToSnowflakeOperator to prevent SQL injection Users are recommended to upgrade to version 6.4.0 which fixes the issue.
Reference
https://github.com/apache/airflow/pull/51734 https://lists.apache.org/thread/2kqfmyt2pghg5f6797g8hzvq331v8qx3
Related CNNVD
CNNVD-202506-3061 (Published: 2025-06-24)
Share on: