The vulnerability of the network-based software for automating data processing tasks in HDFS and Apache Airflow’s HDFS Provider lies in the fact that functions from an unverified controlled area are enabled, allowing attackers to load arbitrary packages.
The vulnerability of the network-based software for automating data processing tasks in HDFS and Apache Airflow’s HDFS Provider is related to the inclusion of functions from an unverified controlled area during the processing of PyPI package names. Exploiting this vulnerability allows a malicious...