CVE-2023-25693

🗓️ 24 Feb 2023 12:30:15Reported by apacheType

Improper Input Validation vulnerability in Apache Airflow Sqoop Provider

Reporter	Title	Published	Views	Family All 10
OSV	Apache Airflow Sqoop Provider Improper Input Validation vulnerability	24 Feb 202312:31	–	osv
OSV	CVE-2023-25693	24 Feb 202312:15	–	osv
Vulnrichment	CVE-2023-25693 Sqoop Apache Airflow Provider Remote Code Execution Vulnerability	24 Feb 202311:48	–	vulnrichment
CNVD	Apache Airflow Sqoop Provider Input Validation Error Vulnerability	28 Feb 202300:00	–	cnvd
Cvelist	CVE-2023-25693 Sqoop Apache Airflow Provider Remote Code Execution Vulnerability	24 Feb 202311:48	–	cvelist
Veracode	Remote Code Execution (RCE)	28 Feb 202307:56	–	veracode
Prion	Input validation	24 Feb 202312:15	–	prion
Hacker One	Internet Bug Bounty: RCE vulnerability in apache-airflow-providers-apache-sqoop 3.1.0	4 Mar 202302:59	–	hackerone
NVD	CVE-2023-25693	24 Feb 202312:15	–	nvd
Github Security Blog	Apache Airflow Sqoop Provider Improper Input Validation vulnerability	24 Feb 202312:31	–	github

Nvd

Vulners

Node

apache apache-airflow-providers-apache-sqoopRange<3.1.1

[
  {
    "defaultStatus": "unaffected",
    "product": "Apache Airflow Sqoop Provider",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThan": "3.1.1",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
github	www.github.com/apache/airflow/pull/29500
lists	www.lists.apache.org/thread/79qn8g5xbq036f8crb115obvr22l52q4

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

24 Feb 2023 12:15Current

9.5High risk

Vulners AI Score9.5

CVSS39.8

EPSS0.033

SSVC

CWE-20