CVE-2023-27604 Apache Airflow Sqoop Provider: Airflow Sqoop Provider RCE Vulnerability

Apache Airflow Sqoop Provider, versions before 4.0.0, is affected by a vulnerability that allows an attacker pass parameters with the connections, which makes it possible to implement RCE attacks via ‘sqoop import --connect’, obtain airflow server permissions, etc. The attacker needs to be logged...

CVE-2023-25693

Improper Input Validation vulnerability in the Apache Airflow Sqoop Provider. This issue affects Apache Airflow Sqoop Provider versions before 3.1.1...

CVE-2023-25693

Improper Input Validation vulnerability in the Apache Airflow Sqoop Provider. This issue affects Apache Airflow Sqoop Provider versions before 3.1.1...

CVE-2023-25693 Sqoop Apache Airflow Provider Remote Code Execution Vulnerability

Improper Input Validation vulnerability in the Apache Airflow Sqoop Provider. This issue affects Apache Airflow Sqoop Provider versions before 3.1.1...

PT-2023-20250 · Apache · Apache Airflow Sqoop Provider

Name of the Vulnerable Software and Affected Versions: Apache Airflow Sqoop Provider versions prior to 3.1.1 Description: The issue is related to an Improper Input Validation vulnerability in the Apache Airflow Sqoop Provider. Recommendations: For versions prior to 3.1.1, update to version 3.1.1 ...