Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
ApacheAirflow Spark Provider

2 matches found

CVE
CVEadded 2023/08/28 8:15 a.m.53 views

CVE-2023-40195

Deserialization of Untrusted Data, Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Software Foundation Apache Airflow Spark Provider. When the Apache Spark provider is installed on an Airflow deployment, an Airflow user that is authorized to configure Spark hooks ca...

8.8CVSS8.7AI score0.00622EPSS
CVE
CVEadded 2023/08/17 2:15 p.m.43 views

CVE-2023-40272

Apache Airflow Spark Provider, versions before 4.1.3, is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection giving an opportunity to read files on the Airflow server.It is recommended to upgrade to a version that is not affected.

7.5CVSS7.2AI score0.00315EPSS