67 matches found
CVE-2023-25696
Improper Input Validation vulnerability in the Apache Airflow Hive Provider. This issue affects Apache Airflow Hive Provider versions before 5.1.3...
EUVD-2023-2075
Malicious code in bioql PyPI...
EUVD-2023-1206
Malicious code in bioql PyPI...
EUVD-2022-7313
Malicious code in bioql PyPI...
EUVD-2023-1955
Malicious code in bioql PyPI...
EUVD-2023-0680
Malicious code in bioql PyPI...
EUVD-2022-7732
Malicious code in bioql PyPI...
CVE-2023-28706
Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: before 6.0.0...
CVE-2022-41131
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Apache Airflow Hive Provider, Apache Airflow allows an attacker to execute arbtrary commands in the task execution context, without write access to DAG files. This issue affects Hive Provider...
CVE-2022-46421
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: before 5.0.0...
CVE-2023-37415
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Apache Hive Provider. Patching on top of CVE-2023-35797 Before 6.1.2 the proxyuser option can also inject semicolon. This issue affects Apache Airflow Apache Hive Provider: before 6.1.2. It is recommended updatin...
CVE-2023-35797
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Hive Provider. This issue affects Apache Airflow Apache Hive Provider: before 6.1.1. Before version 6.1.1 it was possible to bypass the security check to RCE via principal parameter. For this to be exploited it...
BIT-AIRFLOW-2022-41131 Apache Airflow Hive Provider vulnerability (command injection via hive_cli connection)
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Apache Airflow Hive Provider, Apache Airflow allows an attacker to execute arbtrary commands in the task execution context, without write access to DAG files. This issue affects Hive Provider...
The vulnerability of the Apache Airflow Hive Provider, a network software tool, arises from improper code generation management. This allows an attacker to execute arbitrary code.
The vulnerability of the Apache Airflow Hive Provider network software is related to incorrect code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Apache Airflow Hive Provider, a network software tool, stems from insufficient validation of input data. This vulnerability allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Apache Airflow Hive Provider network software exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information...
GHSA-4Q2Q-Q5PW-2342 Apache Airflow Apache Hive Provider Improper Input Validation vulnerability
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Apache Hive Provider. Patching on top of CVE-2023-35797 Before 6.1.2 the proxyuser option can also inject semicolon. This issue affects Apache Airflow Apache Hive Provider: before 6.1.2. It is recommended updatin...
CVE-2023-37415
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Apache Hive Provider. Patching on top of CVE-2023-35797 Before 6.1.2 the proxyuser option can also inject semicolon. This issue affects Apache Airflow Apache Hive Provider: before 6.1.2. It is recommended updatin...
CVE-2023-37415 Apache Airflow Apache Hive Provider: Improper Input Validation in Hive Provider with proxy_user
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Apache Hive Provider. Patching on top of CVE-2023-35797 Before 6.1.2 the proxyuser option can also inject semicolon. This issue affects Apache Airflow Apache Hive Provider: before 6.1.2. It is recommended updatin...
CVE-2023-37415 Apache Airflow Apache Hive Provider: Improper Input Validation in Hive Provider with proxy_user
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Apache Hive Provider. Patching on top of CVE-2023-35797 Before 6.1.2 the proxyuser option can also inject semicolon. This issue affects Apache Airflow Apache Hive Provider: before 6.1.2. It is recommended updatin...
CVE-2023-37415
CVE-2023-37415 is an Improper Input Validation vulnerability affecting the Apache Airflow Hive Provider (versions before 6.1.2). The issue arises from input validation around the proxy_user option, which can permit semicolon injection, enabling an attacker to impact confidentiality, integrity, an...