CVE-2026-3293
Received - Intake
Inefficient Regex Complexity in Snowflake-JDBC SdkProxyRoutePlanner

Publication date: 2026-02-27

Last updated on: 2026-04-29

Assigner: VulDB

Description
A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. Manipulating the argument nonProxyHosts can lead to inefficient regular expression complexity. The attack can only be executed locally. The exploit has been made available to the public and could be used for attacks. The patch is identified as 5fb0a8a318a2ed87f4022a1f56e742424ba94052. Applying the patch is recommended to remediate this issue.
Meta Information
Published: 2026-02-27
Last Modified: 2026-04-29
Generated: 2026-05-06
AI Q&A: 2026-02-27
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Vendor: snowflake
Product: snowflake_jdbc
Version / Range: to 4.0.1 (exc)
CWE
CWE-1333: The product uses a regular expression with an inefficient, possibly exponential worst-case computational complexity that consumes excessive CPU cycles.
CWE-400: The product does not properly control the allocation and maintenance of a limited resource.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the snowflake-jdbc component, specifically in the SdkProxyRoutePlanner function of the JDBC URL Handler. It involves manipulation of the argument nonProxyHosts, which can cause inefficient regular expression complexity. This means that if an attacker manipulates this argument locally, it could lead to performance issues or resource exhaustion due to the way regular expressions are processed.

The vulnerability can only be exploited locally and the exploit code has been made publicly available. A patch has been released to fix this issue.


How can this vulnerability impact me?

The impact of this vulnerability is primarily a denial of service through inefficient regular expression processing, which can degrade system performance or cause resource exhaustion.

Since the attack requires local access, it limits the risk to users or attackers who already have some level of access to the system.

The CVSS scores indicate a low to moderate impact, with no confidentiality or integrity loss, but potential availability impact.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

I don't know


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, you should apply the patch identified as 5fb0a8a318a2ed87f4022a1f56e742424ba94052 to the snowflake-jdbc component.

Since the attack can only be executed locally, ensure that local access to the affected system is properly controlled and restricted.

