CVE-2023-35798
The CVE affects Apache Airflow ODBC Provider (before 4.0.0) and Apache Airflow MSSQL Provider (before 3.4.1). The issue is an input-validation/arbitrary file-read vulnerability exposed when DAG code uses get_sqlalchemy_connection, allowing access to files via resource updates. Impact is described...