Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Apache Hive Provider.
Patching on top of CVE-2023-35797
Before 6.1.2 the proxy_user option can also inject semicolon.
This issue affects Apache Airflow Apache Hive Provider: before 6.1.2.
It is recommended updating provider version to 6.1.2 in order to avoid this vulnerability.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: apache
Published: 2023-07-13T07:35:33.474Z
Updated: 2024-08-02T17:16:29.336Z
Reserved: 2023-07-05T16:59:36.017Z
Link: CVE-2023-37415
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-07-13T08:15:10.767
Modified: 2023-07-25T14:51:35.160
Link: CVE-2023-37415
Redhat
No data.