Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-4q2q-q5pw-2342: Apache Airflow Apache Hive Provider Improper Input Validation vulnerability

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Apache Hive Provider.

Patching on top of CVE-2023-35797 Before 6.1.2 the proxy_user option can also inject semicolon.

This issue affects Apache Airflow Apache Hive Provider: before 6.1.2.

It is recommended updating provider version to 6.1.2 in order to avoid this vulnerability.

ghsa
Open in Source
#vulnerability#apache#git

Apache Airflow Apache Hive Provider Improper Input Validation vulnerability

Moderate severity GitHub Reviewed Published Jul 13, 2023 to the GitHub Advisory Database • Updated Jul 13, 2023

Related news

CVE-2023-37415

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Apache Hive Provider. Patching on top of CVE-2023-35797 Before 6.1.2 the proxy_user option can also inject semicolon. This issue affects Apache Airflow Apache Hive Provider: before 6.1.2. It is recommended updating provider version to 6.1.2 in order to avoid this vulnerability.

ghsa: Latest News

GHSA-27wf-5967-98gx: Kubernetes kubelet arbitrary command execution
ghsa