Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-5cvg-9pp5-mxcj: Apache Airflow Hive Provider vulnerable to code injection

Apache Software Foundation’s Apache Airflow Hive Provider before 6.0.0 is vulnerable to improper control of generation of code.

ghsa
#apache#git

Apache Airflow Hive Provider vulnerable to code injection

High severity GitHub Reviewed Published Apr 7, 2023 to the GitHub Advisory Database • Updated Apr 7, 2023

Related news

CVE-2023-28706: Move auth parameter from extra to Hook parameter by potiuk · Pull Request #30212 · apache/airflow

Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: before 6.0.0.