Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-1206

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.02765EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-0680

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.01982EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/08/02 12:0 a.m.11 views

The vulnerability of the Apache Airflow Hive Provider, a network software tool, stems from insufficient validation of input data. This vulnerability allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Apache Airflow Hive Provider network software exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information...

9CVSS7.6AI score0.01151EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/07/12 12:0 a.m.6 views

PT-2023-4067 · Apache · Apache Airflow Hive Provider

Name of the Vulnerable Software and Affected Versions: Apache Airflow Apache Hive Provider versions prior to 6.1.2 Description: The issue is related to improper input validation, which can be exploited by a remote attacker to impact the confidentiality, integrity, and availability of protected...

9CVSS7.2AI score0.01151EPSS
Exploits0References9
Cvelist
Cvelist
added 2023/07/03 9:8 a.m.38 views

CVE-2023-35797 Apache Airflow Hive Provider Beeline RCE with Principal

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Hive Provider. This issue affects Apache Airflow Apache Hive Provider: before 6.1.1. Before version 6.1.1 it was possible to bypass the security check to RCE via principal parameter. For this to be exploited it...

9.4AI score0.02791EPSS
Exploits0References3
CVE
CVE
added 2023/07/03 9:8 a.m.137 views

CVE-2023-35797

CVE-2023-35797 affects Apache Airflow Hive Provider prior to 6.1.1 and is an Improper Input Validation vulnerability that can enable remote code execution via the principal parameter when connection details are modifiable. The issue is mitigated by upgrading the provider to version 6.1.1 or later...

9.8CVSS9.2AI score0.02791EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2023/04/07 3:15 p.m.16 views

CVE-2023-28706

Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: before 6.0.0...

9.8CVSS9.6AI score0.02765EPSS
Exploits0References3
NVD
NVD
added 2022/12/20 11:15 a.m.34 views

CVE-2022-46421

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: before 5.0.0...

9.8CVSS0.0322EPSS
Exploits0References2
OSV
OSV
added 2022/12/20 11:15 a.m.14 views

CVE-2022-46421

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: before 5.0.0...

9.8CVSS9.6AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/12/20 10:20 a.m.10 views

CVE-2022-46421 Apache Airflow Hive Provider: Hive Provider RCE vulnerability with hive_cli_params

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: before 5.0.0...

9.6AI score0.0322EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/11/22 12:0 a.m.5 views

PT-2022-25664 · Apache · Apache Airflow Hive Provider +1

Name of the Vulnerable Software and Affected Versions: Apache Airflow Hive Provider versions prior to 4.1.0 Apache Airflow versions prior to 2.3.0 Description: The issue is related to an improper neutralization of special elements used in an OS command, also known as 'OS Command Injection'. This...

7.8CVSS7.8AI score0.01753EPSS
Exploits0References8
Rows per page
Query Builder