Severity: low Affected versions:
- Apache Airflow Providers Snowflake (apache-airflow-providers-snowflake) before 6.4.0 Description: Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) vulnerability in Apache Airflow Providers Snowflake. This issue affects Apache Airflow Providers Snowflake: before 6.4.0. Sanitation of table and stage parameters were added in CopyFromExternalStageToSnowflakeOperator to prevent SQL injection Users are recommended to upgrade to version 6.4.0, which fixes the issue. Credit: Nhien Pham (@nhienit) at Galaxy One (finder) References: https://github.com/apache/airflow/pull/51734 https://airflow.apache.org/ https://www.cve.org/CVERecord?id=CVE-2025-50213
