gosnowflake

About this tag
The gosnowflake tag on WindowsForum.com covers discussions about the Go Snowflake driver, including security vulnerabilities and updates. Recent content highlights CVE-2025-46327, a TOCTOU race condition in gosnowflake's Easy Logging feature that could allow local privilege escalation. The issue was patched in gosnowflake v1.13.3, and Microsoft's Security Response Center identified affected Azure Linux images. Topics include driver security, patching, and enterprise impact.
  1. CVE-2025-46327 gosnowflake TOCTOU: Upgrade to v1.13.3 for Safe Logging

    The Go Snowflake driver (gosnowflake) was assigned CVE-2025-46327 after researchers discovered a Time-of-Check to Time-of-Use (TOCTOU) race condition in the driver’s Easy Logging feature that can let a local, low-privilege attacker manipulate logging configuration files and influence log level...