Lucene search
+L

6 matches found

osv
osv
added 2026/07/07 11:45 a.m.4 views

PYSEC-2026-1142 Airflow Sqoop Provider RCE Vulnerability

Apache Airflow Sqoop Provider, versions before 4.0.0, is affected by a vulnerability that allows an attacker pass parameters with the connections, which makes it possible to implement RCE attacks via ‘sqoop import --connect’, obtain airflow server permissions, etc. The attacker needs to be logged...

8.8CVSS7.1AI score0.01206EPSS
Exploits0References6
redhatcve
redhatcve
added 2025/05/23 2:26 a.m.8 views

CVE-2023-27604

Apache Airflow Sqoop Provider, versions before 4.0.0, is affected by a vulnerability that allows an attacker pass parameters with the connections, which makes it possible to implement RCE attacks via ‘sqoop import --connect’, obtain airflow server permissions, etc. The attacker needs to be logged...

8.8CVSS6.6AI score0.01206EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2023/09/22 12:0 a.m.8 views

The vulnerability of the Airflow Sqoop Provider plugin in the software for creating, monitoring, and orchestrating data processing scenarios allows a attacker to execute arbitrary code.

The vulnerability of the Airflow Sqoop Provider plugin, a software tool for creating, monitoring, and orchestrating data processing scenarios, is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code...

9CVSS8AI score0.01206EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2023/08/28 7:47 a.m.32 views

CVE-2023-27604 Apache Airflow Sqoop Provider: Airflow Sqoop Provider RCE Vulnerability

Apache Airflow Sqoop Provider, versions before 4.0.0, is affected by a vulnerability that allows an attacker pass parameters with the connections, which makes it possible to implement RCE attacks via ‘sqoop import --connect’, obtain airflow server permissions, etc. The attacker needs to be logged...

8.7AI score0.01206EPSS
Exploits0References2
nvd
nvd
added 2023/02/24 12:15 p.m.30 views

CVE-2023-25693

Improper Input Validation vulnerability in the Apache Airflow Sqoop Provider. This issue affects Apache Airflow Sqoop Provider versions before 3.1.1...

9.8CVSS9.5AI score0.01895EPSS
Exploits0References2
osv
osv
added 2023/02/24 11:48 a.m.17 views

CVE-2023-25693 Sqoop Apache Airflow Provider Remote Code Execution Vulnerability

Improper Input Validation vulnerability in the Apache Airflow Sqoop Provider. This issue affects Apache Airflow Sqoop Provider versions before 3.1.1...

9.8CVSS7.2AI score0.01895EPSS
Exploits0References4
Rows per page
Query Builder