Apache Airflow Spark Provider vulnerable to improper input validation

Apache Software Foundation Apache Airflow Spark Provider before 4.0.1 is vulnerable to improper input validation because the host and schema of JDBC Hook can contain / and ? which is used to denote the end of the field...

PT-2023-21919 · Apache · Apache Airflow Spark Provider

Name of the Vulnerable Software and Affected Versions: Apache Airflow Spark Provider versions prior to 4.0.1 Description: The issue is related to improper input validation in the Apache Airflow Spark Provider. This allows the host and schema of JDBC Hook to contain / and ?, which can be used to...