SQL Injection

apache-airflow-providers-snowflake is vulnerable to SQL Injection. The vulnerability is due to failure to sanitize special elements due to improper sanitation of table and stage parameters in the CopyFromExternalStageToSnowflakeOperator component...

airflow-oracle-snowflake-plugin (>=0.1.0 <=0.1.2), airflow-provider-cloe (>=20221202.9.0 <=20221202.13.0) +3 more potentially affected by CVE-2025-50213 via apache-airflow-providers-snowflake (>=1.1.0 <=6.13.0)

apache-airflow-providers-snowflake PYPI version =1.1.0, =0.1.0, =20221202.9.0, =0.0.4, =0.1.0, =0.1.1 Source cves: CVE-2025-50213 Source advisory: OSV:PYSEC-2025-51...

aind-airflow-jobs (>=0.2.1 <=0.2.6), airflow-tools (>=0.3.1 <=0.6.3) +5 more potentially affected by CVE-2024-28746 via apache-airflow (>=2.8.0 <=2.8.2)

apache-airflow PYPI version =2.8.0, =0.2.1, =0.3.1, =1.0.0rc1, =1.0.0rc1, =1.0.0, =1.1.0.post0.dev45, =1.1.3.post0.dev5 Source cves: CVE-2024-28746 Source advisory: OSV:PYSEC-2024-46...