CVE-2023-22886

by Fred · 29/06/2023

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow JDBC Provider. Airflow JDBC Provider Connection’s [Connection URL] parameters had no restrictions, which made it possible to implement RCE attacks via different type JDBC drivers, obtain airflow server permission. This issue affects Apache Airflow JDBC Provider: before 4.0.0.

Date published : 2023-06-29

https://lists.apache.org/thread/ynbjwp4n0vzql0xzhog1gkp1ovncf8j3

CVE-2023-22886

Similar

Recent Posts

Categories

CVE-2023-22886

Share this:

Similar

Recent Posts

Categories

Tags