Lucene search
K

117 matches found

OSV
OSV
added 2023/08/11 9:30 a.m.28 views

GHSA-MQ4V-6VG4-796C apache-airflow-providers-apache-drill Improper Input Validation vulnerability

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider. Apache Airflow Drill Provider is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection with DrillHook giving an opportunity to read fil...

8.7CVSS7.3AI score0.01776EPSS
Exploits0References8
NVD
NVD
added 2023/08/11 8:15 a.m.27 views

CVE-2023-39553

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider. Apache Airflow Drill Provider is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection with DrillHook giving an opportunity to read fil...

7.5CVSS7.4AI score0.01776EPSS
Exploits0References3
Prion
Prion
added 2023/08/11 8:15 a.m.19 views

Input validation

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider. Apache Airflow Drill Provider is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection with DrillHook giving an opportunity to read fil...

5CVSS7.3AI score0.01776EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/08/11 8:15 a.m.24 views

PYSEC-2023-136

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider. Apache Airflow Drill Provider is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection with DrillHook giving an opportunity to read fil...

7.5CVSS6.6AI score0.01776EPSS
Exploits0References3
PyPA
PyPA
added 2023/08/11 8:15 a.m.8 views

PYSEC-2023-136

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider.Apache Airflow Drill Provider is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection with DrillHook giving an opportunity to read file...

7.5CVSS6.7AI score0.01776EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/08/11 7:18 a.m.21 views

CVE-2023-39553 Apache Airflow Drill Provider Arbitrary File Read Vulnerability

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider. Apache Airflow Drill Provider is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection with DrillHook giving an opportunity to read fil...

7.5CVSS6.7AI score0.01776EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2023/08/11 7:18 a.m.12 views

CVE-2023-39553 Apache Airflow Drill Provider Arbitrary File Read Vulnerability

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider. Apache Airflow Drill Provider is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection with DrillHook giving an opportunity to read fil...

7.3AI score0.01776EPSS
Exploits0References3
CVE
CVE
added 2023/08/11 7:18 a.m.67 views

CVE-2023-39553

CVE-2023-39553 affects Apache Airflow Drill Provider prior to 2.4.3. The vulnerability arises from improper input validation that allows an attacker to pass malicious parameters when establishing a DrillHook connection, enabling read access to files on the Airflow server. CVSS v3.1 metrics indica...

7.5CVSS7.3AI score0.01776EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/08/11 7:18 a.m.35 views

CVE-2023-39553 Apache Airflow Drill Provider Arbitrary File Read Vulnerability

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider. Apache Airflow Drill Provider is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection with DrillHook giving an opportunity to read fil...

7.6AI score0.01776EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/08/11 12:0 a.m.4 views

PT-2023-4419

Name of the Vulnerable Software and Affected Versions Apache Airflow Drill Provider versions prior to 2.4.3 Description The issue is related to improper input validation in Apache Airflow Drill Provider, allowing an attacker to pass malicious parameters when establishing a connection with...

8.7CVSS6.7AI score0.01776EPSS
Exploits0References20
CNNVD
CNNVD
added 2023/08/11 12:0 a.m.4 views

Apache Airflow 输入验证错误漏洞

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. An input validation error vulnerability exists in Apache Airflow Drill Provider...

7.5CVSS6.7AI score0.01776EPSS
Exploits0References4
Akamai Blog
Akamai Blog
added 2023/07/27 2:0 p.m.33 views

The Never-Ending Phishing Scam: When “Natalie Hamilton” Reemerged with a Vengeance (and Power Drill)

...

7AI score
Exploits0
CNVD
CNVD
added 2023/07/12 12:0 a.m.12 views

Siemens SIMATIC MV500 Devices Uncontrolled Resource Consumption Vulnerability

SIMATIC MV500 products are fixed optical readers for capturing print, laser, drill, punch and dotted line codes on a variety of different surfaces. Siemens SIMATIC MV500 Devices has an uncontrolled resource consumption vulnerability that can be exploited by an attacker to cause a denial of servic...

7.5CVSS7.4AI score0.00653EPSS
Exploits0References1
Veracode
Veracode
added 2023/04/11 2:1 a.m.18 views

Improper Input Validation

apache-airflow-providers-apache-drill is vulnerable to Improper Input Validation. The vulnerability exists because the getconn function of drill.py does not properly sanitize invalid characters when the host passes through the drill connection...

7.5CVSS7.3AI score0.02062EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2023/04/07 3:30 p.m.73 views

GHSA-85PF-R4C7-3J9R Apache Airflow Drill Provider vulnerable to improper input validation

Apache Software Foundation's Apache Airflow Drill Provider before 2.3.2 is vulnerable to improper input validation because the host passed in drill connection is not sanitized...

8.7CVSS7.3AI score0.02062EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2023/04/07 3:30 p.m.21 views

Apache Airflow Drill Provider vulnerable to improper input validation

Apache Software Foundation's Apache Airflow Drill Provider before 2.3.2 is vulnerable to improper input validation because the host passed in drill connection is not sanitized...

7.5CVSS7.2AI score0.02062EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2023/04/07 3:15 p.m.44 views

CVE-2023-28707

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider.This issue affects Apache Airflow Drill Provider: before 2.3.2...

7.5CVSS7.5AI score0.02062EPSS
Exploits0References3
PyPA
PyPA
added 2023/04/07 3:15 p.m.8 views

PYSEC-2023-3

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider.This issue affects Apache Airflow Drill Provider: before 2.3.2...

7.5CVSS7AI score0.02062EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/04/07 3:15 p.m.26 views

PYSEC-2023-3

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider.This issue affects Apache Airflow Drill Provider: before 2.3.2...

7.5CVSS7.8AI score0.02062EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/04/07 2:53 p.m.47 views

CVE-2023-28707 Airflow Apache Drill Provider Arbitrary File Read Vulnerability

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider.This issue affects Apache Airflow Drill Provider: before 2.3.2...

7.7AI score0.02062EPSS
Exploits0References3
Rows per page
Query Builder