6 matches found
CVE-2023-28707
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider.This issue affects Apache Airflow Drill Provider: before 2.3.2...
CVE-2023-28707
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider.This issue affects Apache Airflow Drill Provider: before 2.3.2...
acceldata-o2a (=1.0.0), acryl-datahub-airflow-plugin (>=0.8.44.4 <=1.3.1.post1) +129 more potentially affected by CVE-2023-28707 via apache-airflow (>=1.8.2 <=2.2.5)
apache-airflow PYPI version =1.8.2, =0.8.44.4, =1.4.0.3.post4, =1.4.0.3.post3, =0.1.0rc3, =0.1.0, =0.4.0, =0.1.0a1, =0.6.0, =0.1.1, =0.1.1, =0.2.0, =0.11.0 and more Source cves: CVE-2023-28707 Source advisory: OSV:PYSEC-2023-3...
CVE-2023-28707 Airflow Apache Drill Provider Arbitrary File Read Vulnerability
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider.This issue affects Apache Airflow Drill Provider: before 2.3.2...
CVE-2023-28707 Airflow Apache Drill Provider Arbitrary File Read Vulnerability
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider.This issue affects Apache Airflow Drill Provider: before 2.3.2...
CVE-2023-28707
Apache Airflow Drill Provider (Apache Software Foundation) before 2.3.2 is affected by an improper input validation vulnerability in drill connections (unsanitized host). This can enable reading arbitrary files exposed by the vulnerable component. CVSS v3.1 base score 7.5 (HIGH). Remediation: upg...