EUVD-2023-1863

Malicious code in bioql PyPI...

CVE-2023-35798

Input Validation vulnerability in Apache Software Foundation Apache Airflow ODBC Provider, Apache Software Foundation Apache Airflow MSSQL Provider.This vulnerability is considered low since it requires DAG code to use getsqlalchemyconnection and someone with access to connection resources...

CVE-2023-35798

Input Validation vulnerability in Apache Software Foundation Apache Airflow ODBC Provider, Apache Software Foundation Apache Airflow MSSQL Provider.This vulnerability is considered low since it requires DAG code to use getsqlalchemyconnection and someone with access to connection resources...

CVE-2023-35798 Airflow Apache ODBC and MSSQL Providers Arbitrary File Read Vulnerability

Input Validation vulnerability in Apache Software Foundation Apache Airflow ODBC Provider, Apache Software Foundation Apache Airflow MSSQL Provider.This vulnerability is considered low since it requires DAG code to use getsqlalchemyconnection and someone with access to connection resources...

CVE-2023-35798

The CVE affects Apache Airflow ODBC Provider (before 4.0.0) and Apache Airflow MSSQL Provider (before 3.4.1). The issue is an input-validation/arbitrary file-read vulnerability exposed when DAG code uses get_sqlalchemy_connection, allowing access to files via resource updates. Impact is described...

PT-2023-3656 · Apache · Apache Airflow Mysql Provider +1

Name of the Vulnerable Software and Affected Versions: Apache Airflow ODBC Provider versions prior to 4.0.0 Apache Airflow MSSQL Provider versions prior to 3.4.1 Description: The issue is related to insufficient input validation in the Apache Airflow MSSQL Provider and Airflow ODBC Provider...