Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider.
Apache Airflow Drill Provider is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection with DrillHook giving an opportunity to read files on the Airflow server.
This issue affects Apache Airflow Drill Provider: before 2.4.3.
It is recommended to upgrade to a version that is not affected.
Metrics
Affected Vendors & Products
References
History
Thu, 13 Feb 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider. Apache Airflow Drill Provider is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection with DrillHook giving an opportunity to read files on the Airflow server. This issue affects Apache Airflow Drill Provider: before 2.4.3. It is recommended to upgrade to a version that is not affected. | Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider. Apache Airflow Drill Provider is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection with DrillHook giving an opportunity to read files on the Airflow server. This issue affects Apache Airflow Drill Provider: before 2.4.3. It is recommended to upgrade to a version that is not affected. |
Tue, 01 Oct 2024 19:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: apache
Published: 2023-08-11T07:18:14.202Z
Updated: 2025-02-13T17:03:14.052Z
Reserved: 2023-08-05T14:03:09.106Z
Link: CVE-2023-39553

Updated: 2024-08-02T18:10:21.143Z

Status : Modified
Published: 2023-08-11T08:15:09.103
Modified: 2025-02-13T17:16:54.157
Link: CVE-2023-39553

No data.