Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-r2f6-6928-fh8f: Apache Airflow Spark Provider Improper Input Validation vulnerability

Apache Airflow Spark Provider, versions before 4.1.3, is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection giving an opportunity to read files on the Airflow server. It is recommended to upgrade to a version that is not affected.

ghsa
#vulnerability#apache#git

Apache Airflow Spark Provider Improper Input Validation vulnerability

Moderate severity GitHub Reviewed Published Aug 17, 2023 to the GitHub Advisory Database • Updated Aug 17, 2023

Related news

CVE-2023-40272

Apache Airflow Spark Provider, versions before 4.1.3, is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection giving an opportunity to read files on the Airflow server. It is recommended to upgrade to a version that is not affected.

ghsa: Latest News

GHSA-hqmp-g7ph-x543: TunnelVision - decloaking VPNs using DHCP