Apache Airflow Sqoop Provider, versions before 4.0.0, is affected by a vulnerability that allows an attacker pass parameters with the connections, which makes it possible to implement RCE attacks via βsqoop import --connectβ, obtain airflow server permissions, etc. The attacker needs to be logged i...
8.8CVSS
8.4AI Score
0.001EPSS