Lucene search
HistoryApr 07, 2023 - 3:15 p.m.
CVE-2023-28707
cve-2023-28707
apache software foundation
apache airflow
drill provider
improper input validation
nvd
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.002 Low
EPSS
Percentile
58.9%
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider.This issue affects Apache Airflow Drill Provider: before 2.3.2.
Affected configurations
Node
apacheapache-airflow-providers-apache-drillRange≤2.3.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache:apache-airflow-providers-apache-drill | apache apache-airflow-providers-apache-drill | lt | 2.3.2 |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Apache Airflow Drill Provider",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "2.3.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
]Related
osv
osv
PYSEC-2023-3
2023-04-07 15:15:00
Apache Airflow Drill Provider vulnerable to improper input validation
2023-04-07 15:30:38
CVE-2023-28707
2023-04-07 15:15:08
veracode
veracode
Improper Input Validation
2023-04-11 02:01:29
github
github
Apache Airflow Drill Provider vulnerable to improper input validation
2023-04-07 15:30:38
prion
prion
Input validation
2023-04-07 15:15:00
cvelist
cvelist
nvd
nvd
CVE-2023-28707
2023-04-07 15:15:08
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.002 Low
EPSS
Percentile
58.9%
Related for CVE-2023-28707