CVE-2022-42965 – Exponential ReDoS in snowflake-connector-python leads to denial of service

https://notcve.org/view.php?id=CVE-2022-42965

09 Nov 2022 — An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the undocumented get_file_transfer_type method Se puede activar un ReDoS exponencial (Denegación de Servicio de Expresión Regular) en el paquete PyPI snowflake-connector-python, cuando un atacante puede proporcionar entradas arbitrarias al método get_file_transfer_type no documentado. • https://research.jfrog.com/vulnerabilities/snowflake-connector-python-redos-xray-257185 • CWE-1333: Inefficient Regular Expression Complexity •