Headline
GHSA-5cvg-9pp5-mxcj: Apache Airflow Hive Provider vulnerable to code injection
Apache Software Foundation’s Apache Airflow Hive Provider before 6.0.0 is vulnerable to improper control of generation of code.
Apache Airflow Hive Provider vulnerable to code injection
High severity GitHub Reviewed Published Apr 7, 2023 to the GitHub Advisory Database • Updated Apr 7, 2023
Related news
CVE-2023-28706: Move auth parameter from extra to Hook parameter by potiuk · Pull Request #30212 · apache/airflow
Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: before 6.0.0.